ISAKMP spi size buffer overflow
Internet Security Association and Key Management Protocol (ISAKMP) is a key exchange protocol signature. ISAKMP is vulnerable to a
buffer overflow. A remote attacker can send a specially-crafted ISAKMP payload to a vulnerable VPN client or server to overflow a buffer
and execute arbitrary code on the system, possibly with administrative privileges.
The supported operating systems in the Platforms Affected list are only vulnerable if they use the LibKmp ISAKMP library. Only VPN
or firewall products which implement the Entrust LibKmp ISAKMP library are vulnerable.
Apply the appropriate hotfix for this vulnerability, as listed in the Symantec Security Response SYM04-012 and available from the
Symantec FTP Update Web site. See References.
Can anyone help me resolved this? It is rated as high risk. Can't find remedy for this on the website.