This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:openswan:openswan
Detail
VendorOpenswanFirst view 2004-12-06
ProductOpenswanLast view 2014-01-26
VersionTypeApplication
Edition 
Language 
Update 

Activity : Overall

COMMON PLATFORM ENUMERATION : Repartition per Version

CPE NameAffected CVE
cpe:/a:openswan:openswan:2.6.391
cpe:/a:openswan:openswan:2.6.382
cpe:/a:openswan:openswan:2.6.372
cpe:/a:openswan:openswan:2.6.363
cpe:/a:openswan:openswan:2.6.354
Hide | Show 88 More...
CPE NameAffected CVE
cpe:/a:openswan:openswan:2.6.344
cpe:/a:openswan:openswan:2.6.334
cpe:/a:openswan:openswan:2.6.324
cpe:/a:openswan:openswan:2.6.314
cpe:/a:openswan:openswan:2.6.304
cpe:/a:openswan:openswan:2.6.294
cpe:/a:openswan:openswan:2.6.287
cpe:/a:openswan:openswan:2.6.277
cpe:/a:openswan:openswan:2.6.267
cpe:/a:openswan:openswan:2.6.255
cpe:/a:openswan:openswan:2.6.243
cpe:/a:openswan:openswan:2.6.233
cpe:/a:openswan:openswan:2.6.223
cpe:/a:openswan:openswan:2.6.213
cpe:/a:openswan:openswan:2.6.205
cpe:/a:openswan:openswan:2.6.195
cpe:/a:openswan:openswan:2.6.185
cpe:/a:openswan:openswan:2.6.175
cpe:/a:openswan:openswan:2.6.166
cpe:/a:openswan:openswan:2.6.156
cpe:/a:openswan:openswan:2.6.146
cpe:/a:openswan:openswan:2.6.136
cpe:/a:openswan:openswan:2.6.126
cpe:/a:openswan:openswan:2.6.116
cpe:/a:openswan:openswan:2.6.106
cpe:/a:openswan:openswan:2.6.096
cpe:/a:openswan:openswan:2.6.086
cpe:/a:openswan:openswan:2.6.076
cpe:/a:openswan:openswan:2.6.066
cpe:/a:openswan:openswan:2.6.056
cpe:/a:openswan:openswan:2.6.046
cpe:/a:openswan:openswan:2.6.036
cpe:/a:openswan:openswan:2.6.023
cpe:/a:openswan:openswan:2.6.013
cpe:/a:openswan:openswan:2.5.182
cpe:/a:openswan:openswan:2.5.172
cpe:/a:openswan:openswan:2.5.162
cpe:/a:openswan:openswan:2.5.152
cpe:/a:openswan:openswan:2.5.142
cpe:/a:openswan:openswan:2.5.132
cpe:/a:openswan:openswan:2.5.122
cpe:/a:openswan:openswan:2.5.112
cpe:/a:openswan:openswan:2.5.102
cpe:/a:openswan:openswan:2.5.092
cpe:/a:openswan:openswan:2.5.082
cpe:/a:openswan:openswan:2.5.072
cpe:/a:openswan:openswan:2.5.062
cpe:/a:openswan:openswan:2.5.052
cpe:/a:openswan:openswan:2.5.042
cpe:/a:openswan:openswan:2.5.032
cpe:/a:openswan:openswan:2.5.022
cpe:/a:openswan:openswan:2.5.012
cpe:/a:openswan:openswan:2.5.0:sbs42
cpe:/a:openswan:openswan:2.5.02
cpe:/a:openswan:openswan:2.5.0:sbs52
cpe:/a:openswan:openswan:2.4.94
cpe:/a:openswan:openswan:2.4.82
cpe:/a:openswan:openswan:2.4.72
cpe:/a:openswan:openswan:2.4.62
cpe:/a:openswan:openswan:2.4.54
cpe:/a:openswan:openswan:2.4.45
cpe:/a:openswan:openswan:2.4.34
cpe:/a:openswan:openswan:2.4.25
cpe:/a:openswan:openswan:2.4.132
cpe:/a:openswan:openswan:2.4.122
cpe:/a:openswan:openswan:2.4.112
cpe:/a:openswan:openswan:2.4.104
cpe:/a:openswan:openswan:2.4.14
cpe:/a:openswan:openswan:2.46
cpe:/a:openswan:openswan:2.3.13
cpe:/a:openswan:openswan:2.3.03
cpe:/a:openswan:openswan:2.32
cpe:/a:openswan:openswan:2.2.11
cpe:/a:openswan:openswan:2.2.01
cpe:/a:openswan:openswan:2.22
cpe:/a:openswan:openswan:2.1.62
cpe:/a:openswan:openswan:2.1.52
cpe:/a:openswan:openswan:2.1.42
cpe:/a:openswan:openswan:2.1.22
cpe:/a:openswan:openswan:2.1.12
cpe:/a:openswan:openswan:21
cpe:/a:openswan:openswan:1.0.92
cpe:/a:openswan:openswan:1.0.81
cpe:/a:openswan:openswan:1.0.71
cpe:/a:openswan:openswan:1.0.61
cpe:/a:openswan:openswan:1.0.51
cpe:/a:openswan:openswan:1.0.41
cpe:/a:openswan:openswan:11

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
52014-01-26CVE-2013-6466NetworkLowNone Requ...
6.82013-07-09CVE-2013-2053NetworkMediumNone Requ...
42011-11-17CVE-2011-4073NetworkLowRequires ...
52011-11-17CVE-2011-3380NetworkLowNone Requ...
3.62011-05-20CVE-2011-2147LocalLowNone Requ...
Hide | Show 10 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
6.52010-10-05CVE-2010-3753NetworkLowRequires ...
6.52010-10-05CVE-2010-3752NetworkLowRequires ...
6.52010-10-05CVE-2010-3308NetworkLowRequires ...
6.52010-10-05CVE-2010-3302NetworkLowRequires ...
52009-06-24CVE-2009-2185NetworkLowNone Requ...
52009-04-01CVE-2009-0790NetworkLowNone Requ...
4.42008-09-24CVE-2008-4190LocalMediumNone Requ...
7.82005-11-18CVE-2005-3671NetworkLowNone Requ...
7.22005-01-26CVE-2005-0162LocalLowNone Requ...
102004-12-06CVE-2004-0590NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
20% (2)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
20% (2)CWE-78Improper Sanitization of Special Elements used in an OS Command ('O...
20% (2)CWE-20Improper Input Validation
10% (1)CWE-399Resource Management Errors
10% (1)CWE-264Permissions, Privileges, and Access Controls
Hide | Show 2 More...
%idName
10% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
10% (1)CWE-59Improper Link Resolution Before File Access ('Link Following')

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:10078The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6...
oval:org.mitre.oval:def:7907DSA-1759 strongswan -- denial of service
oval:org.mitre.oval:def:13547DSA-1760-1 openswan -- denial of service
oval:org.mitre.oval:def:12881DSA-1759-1 strongswan -- denial of service
oval:org.mitre.oval:def:11171The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2...
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:21841ELSA-2009:0402: openswan security update (Important)
oval:org.mitre.oval:def:8369DSA-1898 openswan -- denial of service
oval:org.mitre.oval:def:18226DSA-1898-1 openswan - denial of service
oval:org.mitre.oval:def:11079The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1...
oval:org.mitre.oval:def:22909ELSA-2009:1138: openswan security update (Important)
oval:org.mitre.oval:def:21951RHSA-2010:0892: openswan security update (Moderate)
oval:org.mitre.oval:def:23499ELSA-2010:0892: openswan security update (Moderate)
oval:org.mitre.oval:def:28023ELSA-2010-0892 -- openswan security update (moderate)
oval:org.mitre.oval:def:21718RHSA-2011:1356: openswan security update (Moderate)
oval:org.mitre.oval:def:23697ELSA-2011:1356: openswan security update (Moderate)
oval:org.mitre.oval:def:27906ELSA-2011-1356 -- openswan security update (moderate)
oval:org.mitre.oval:def:21544RHSA-2011:1422: openswan security update (Moderate)
oval:org.mitre.oval:def:15120DSA-2374-1 openswan -- implementation error
oval:org.mitre.oval:def:23495ELSA-2011:1422: openswan security update (Moderate)
oval:org.mitre.oval:def:23264DEPRECATED: ELSA-2011:1422: openswan security update (Moderate)
oval:org.mitre.oval:def:28165ELSA-2011-1422 -- openswan security update (moderate)
oval:org.mitre.oval:def:21119RHSA-2013:0827: openswan security update (Important)
oval:org.mitre.oval:def:23764ELSA-2013:0827: openswan security update (Important)
oval:org.mitre.oval:def:23135DEPRECATED: ELSA-2013:0827: openswan security update (Important)
oval:org.mitre.oval:def:25464SUSE-SU-2013:1150-1 -- Security update for openswan

Open Source Vulnerability Database (OSVDB)

idDescription
76725Openswan Uuse-after-free Crypto Helper Handler ISAKMP Phase 1 Authentication ...
76100Openswan pluto/ike_alg.c ike_alg_enc_ok() Function ISAKMP Message IKE Packet ...
75016Openswan Multiple File Permissions Weakness Arbitrary File Write
68393Openswan Client programs/pluto/xauth.c cisco_banner Field Shell Metacharacter...
68392Openswan Client programs/pluto/xauth.c cisco_*_info Packet Shell Metacharacte...
Hide | Show 11 More...
idDescription
68385Openswan Client programs/pluto/xauth.c cisco_banner Field Remote Overflow
68384Openswan Client programs/pluto/xauth.c cisco_*_info Data Packet Handling Remo...
60992FreeS/WAN ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS)
60991Openswan ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS)
55421Openswan ASN.1 Parser Crafted X.509 Certificate Remote IKE Daemon DoS
55420strongSwan ASN.1 Parser Crafted X.509 Certificate RDN IKE Daemon Remote DoS
53209Openswan Pluto IKE Daemon Dead Peer Detection NULL Dereference Remote DoS
53208strongSwan Pluto IKE Daemon Dead Peer Detection NULL Dereference Remote DoS
49096Openswan IPSEC livetest Tool Multiple Temporary File Symlink Arbitrary File O...
13195Openswan XAUTH/PAM get_internal_addresses() Function Remote Overflow
7281Swan Products X.509 Certificate Validation Bypass and DoS

Milw0rm Exploits

idDescription
2009-07-13Openswan <= 2.4.12/2.6.16 Insecure Temp File Creation Root Exploit

ExploitDB Exploits

idDescription
9135Openswan <= 2.4.12/2.6.16 Insecure Temp File Creation Root Exploit

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-07-30Name : CentOS Update for openswan CESA-2011:1422 centos5 x86_64
File : nvt/gb_CESA-2011_1422_openswan_centos5_x86_64.nasl
2012-07-09Name : RedHat Update for openswan RHSA-2011:1356-01
File : nvt/gb_RHSA-2011_1356-01_openswan.nasl
2012-04-30Name : Gentoo Security Advisory GLSA 201203-13 (Openswan)
File : nvt/glsa_201203_13.nasl
2012-04-02Name : Fedora Update for openswan FEDORA-2011-13825
File : nvt/gb_fedora_2011_13825_openswan_fc16.nasl
2012-04-02Name : Fedora Update for openswan FEDORA-2011-15196
File : nvt/gb_fedora_2011_15196_openswan_fc16.nasl
Hide | Show 20 More...
idDescription
2012-02-11Name : Debian Security Advisory DSA 2374-1 (openswan)
File : nvt/deb_2374_1.nasl
2011-12-12Name : Fedora Update for openswan FEDORA-2011-15077
File : nvt/gb_fedora_2011_15077_openswan_fc15.nasl
2011-12-12Name : Fedora Update for openswan FEDORA-2011-15127
File : nvt/gb_fedora_2011_15127_openswan_fc14.nasl
2011-11-03Name : RedHat Update for openswan RHSA-2011:1422-01
File : nvt/gb_RHSA-2011_1422-01_openswan.nasl
2011-11-03Name : CentOS Update for openswan CESA-2011:1422 centos5 i386
File : nvt/gb_CESA-2011_1422_openswan_centos5_i386.nasl
2011-08-09Name : CentOS Update for openswan CESA-2009:0402 centos5 i386
File : nvt/gb_CESA-2009_0402_openswan_centos5_i386.nasl
2011-08-09Name : CentOS Update for openswan CESA-2009:1138 centos5 i386
File : nvt/gb_CESA-2009_1138_openswan_centos5_i386.nasl
2010-12-02Name : Fedora Update for openswan FEDORA-2010-15381
File : nvt/gb_fedora_2010_15381_openswan_fc14.nasl
2010-10-19Name : Fedora Update for openswan FEDORA-2010-15508
File : nvt/gb_fedora_2010_15508_openswan_fc12.nasl
2010-10-19Name : Fedora Update for openswan FEDORA-2010-15516
File : nvt/gb_fedora_2010_15516_openswan_fc13.nasl
2009-10-19Name : Mandrake Security Advisory MDVSA-2009:273 (strongswan)
File : nvt/mdksa_2009_273.nasl
2009-10-13Name : SLES10: Security update for openswan
File : nvt/sles10_openswan0.nasl
2009-10-13Name : SLES10: Security update for openswan
File : nvt/sles10_openswan1.nasl
2009-10-13Name : SLES10: Security update for strongswan
File : nvt/sles10_strongswan.nasl
2009-10-13Name : SLES10: Security update for strongswan
File : nvt/sles10_strongswan1.nasl
2009-10-11Name : SLES11: Security update for openswan
File : nvt/sles11_openswan.nasl
2009-10-11Name : SLES11: Security update for openswan
File : nvt/sles11_openswan0.nasl
2009-10-11Name : SLES11: Security update for strongswan
File : nvt/sles11_strongswan.nasl
2009-10-11Name : SLES11: Security update for strongswan
File : nvt/sles11_strongswan1.nasl
2009-10-10Name : SLES9: Security update for freeswan
File : nvt/sles9p5018500.nasl

Snort® IPS/IDS

DateDescription
2014-01-10Openswan/Strongswan Pluto IKE daemon ISAKMP DPD malformed packet DOS attempt
RuleID : 21334 - Type : SERVER-WEBAPP - Revision : 2
2014-01-10Openswan/Strongswan Pluto IKE daemon ISAKMP DPD malformed packet DOS attempt
RuleID : 21333 - Type : SERVER-WEBAPP - Revision : 2

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2014-10-11Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-6.nasl - Type : ACT_GATHER_INFO
2014-04-02Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2893.nasl - Type : ACT_GATHER_INFO
2014-03-12Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-303.nasl - Type : ACT_GATHER_INFO
2014-02-19Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0185.nasl - Type : ACT_GATHER_INFO
2014-02-19Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0185.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2014-02-19Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0185.nasl - Type : ACT_GATHER_INFO
2014-02-19Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140218_openswan_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-01-20Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201401-09.nasl - Type : ACT_GATHER_INFO
2013-09-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-192.nasl - Type : ACT_GATHER_INFO
2013-09-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-06.nasl - Type : ACT_GATHER_INFO
2013-09-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-18.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0827.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0402.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1356.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1422.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1138.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0892.nasl - Type : ACT_GATHER_INFO
2013-07-06Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_openswan-8627.nasl - Type : ACT_GATHER_INFO
2013-07-06Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_openswan-130625.nasl - Type : ACT_GATHER_INFO
2013-05-16Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130515_openswan_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-05-16Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0827.nasl - Type : ACT_GATHER_INFO
2013-05-16Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0827.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090330_openswan_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090702_openswan_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111005_openswan_on_SL6_x.nasl - Type : ACT_GATHER_INFO