VULHUB ™

It has been reported that it is possible for attackers to remotely delete SAs (security associations) in hosts running isakmpd. When isakmpd receives an "INITIAL CONTACT" notification that is attached to a payload considered "reasonable", it will delete the SA associated with the IP address from which the message originated. All associated SAs will be deleted as well. Notifications of "INITIAL CONTACT" will be ignored if the messages to which they are chained are part of an informational exchange.

It has been reported that it is possible for attackers to remotely delete SAs (security associations) in hosts running isakmpd. When isakmpd receives an "INITIAL CONTACT" notification that is attached to a payload considered "reasonable", it will delete the SA associated with the IP address from which the message originated. All associated SAs will be deleted as well. Notifications of "INITIAL CONTACT" will be ignored if the messages to which they are chained are part of an informational exchange.