The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in a particular order such that the worst-case computational complexity is realized in the algorithm utilized to determine if reassembly of the fragments can take place.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-09-16T19:10:23.776Z

Reserved: 2017-07-05T00:00:00Z

Link: CVE-2016-10396

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2017-07-06T01:29:00.177

Modified: 2025-04-20T01:37:25.860

Link: CVE-2016-10396

cve-icon Redhat

Severity : Moderate

Publid Date: 2016-12-02T00:00:00Z

Links: CVE-2016-10396 - Bugzilla

cve-icon OpenCVE Enrichment

No data.