Subject: upgrade suggested for pkgsrc/security/racoon
To: tech-security@netbsd.org, tech-net@netbsd.org
From: Jun-ichiro itojun Hagino <itojun@iijlab.net>
List: tech-security
Date: 09/24/2000 06:31:32
reply-to: tech-security@netbsd.org

if you are using pkgsrc/security/racoon, it is recommended to
upgrade to racoon-20000923a or more recent. previous binaries
have an administration tcp port open without authentication (the port
is bound to 127.0.0.1, so no remote access). because of this, your
IPsec SAs may become visible unwillingly to nonprivileged local users.
(hmm, should I pkgsrc/distfiles/vulnerabilities?)

itojun
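
The exposure described in this message exists because a TCP port on 127.0.0.1 accepts connections from every local user. The following is an added example, not part of the original post and not racoon's code: one way to limit a daemon's admin channel to its owner is an AF_UNIX socket with owner-only permissions. The function names and the socket path are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/un.h>
#include <unistd.h>

/* Listen on an AF_UNIX admin socket at `path` (hypothetical location).
 * Unlike a 127.0.0.1 TCP port, reaching it is subject to file permissions.
 * Returns the listening fd, or -1 on error. */
int open_admin_sock(const char *path)
{
    struct sockaddr_un sa;
    mode_t old;
    int fd, rc;

    if (strlen(path) >= sizeof(sa.sun_path))
        return -1;
    memset(&sa, 0, sizeof(sa));
    sa.sun_family = AF_UNIX;
    strcpy(sa.sun_path, path);

    if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
        return -1;
    unlink(path);                /* remove a stale node from an earlier run */
    old = umask(077);            /* never create the node group/other-accessible */
    rc = bind(fd, (struct sockaddr *)&sa, sizeof(sa));
    umask(old);
    if (rc < 0) {
        close(fd);
        return -1;
    }
    if (chmod(path, 0600) < 0 || listen(fd, 5) < 0) {
        close(fd);
        unlink(path);
        return -1;
    }
    return fd;
}

/* Permission bits that group and other hold on the socket node.
 * 0 means owner-only; -1 means `path` is missing or not a socket. */
int admin_sock_exposure(const char *path)
{
    struct stat st;

    if (lstat(path, &st) < 0 || !S_ISSOCK(st.st_mode))
        return -1;
    return (int)(st.st_mode & (S_IRWXG | S_IRWXO));
}
```

Some BSD-derived systems ignore the permissions on the socket node itself, so portable code also keeps the socket in a directory that only the daemon's user can search (mode 0700).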