This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor: Openswan
Product: Openswan
First view: 2004-12-06
Last view: 2011-05-20
Version:
Type:
Update:
Edition:
Language:
Software Edition:
Target Software:
Target Hardware:
Other:

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:openswan:openswan:1:*:*:*:*:*:*:* 2
cpe:2.3:a:openswan:openswan:2.2:*:*:*:*:*:*:* 2
cpe:2.3:a:openswan:openswan:2.1.6:*:*:*:*:*:*:* 2
cpe:2.3:a:openswan:openswan:2.3:*:*:*:*:*:*:* 2
cpe:2.3:a:openswan:openswan:2.1.1:*:*:*:*:*:*:* 2
cpe:2.3:a:openswan:openswan:2.1.2:*:*:*:*:*:*:* 2
cpe:2.3:a:openswan:openswan:2.1.4:*:*:*:*:*:*:* 2
cpe:2.3:a:openswan:openswan:2.1.5:*:*:*:*:*:*:* 2
cpe:2.3:a:openswan:openswan:1.0.9:*:*:*:*:*:*:* 2
cpe:2.3:a:openswan:openswan:1.0.4:*:*:*:*:*:*:* 2
cpe:2.3:a:openswan:openswan:1.0.6:*:*:*:*:*:*:* 2
cpe:2.3:a:openswan:openswan:1.0.5:*:*:*:*:*:*:* 2
cpe:2.3:a:openswan:openswan:1.0.8:*:*:*:*:*:*:* 2
cpe:2.3:a:openswan:openswan:1.0.7:*:*:*:*:*:*:* 2
cpe:2.3:a:openswan:openswan:2.2.1:*:*:*:*:*:*:* 1
cpe:2.3:a:openswan:openswan:2.2.0:*:*:*:*:*:*:* 1
cpe:2.3:a:openswan:openswan:2:*:*:*:*:*:*:* 1

Related : CVE

  Date Alert Description
3.6 2011-05-20 CVE-2011-2147

Openswan 2.2.x does not properly restrict permissions for (1) /var/run/starter.pid, related to starter.c in the IPsec starter, and (2) /var/lock/subsys/ipsec, which allows local users to kill arbitrary processes by writing a PID to a file, or possibly bypass disk quotas by writing arbitrary data to a file, as demonstrated by files with 0666 permissions, a different vulnerability than CVE-2011-1784.

4.4 2008-09-24 CVE-2008-4190

The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream version, this tool has been disabled.

7.8 2005-11-18 CVE-2005-3671

The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

7.2 2005-01-26 CVE-2005-0162

Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code.

10 2004-12-06 CVE-2004-0590

FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject.

CWE : Common Weakness Enumeration

% id Name
50% (1) CWE-264 Permissions, Privileges, and Access Controls
50% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')

Oval Markup Language : Definitions

OvalID Name
oval:org.mitre.oval:def:10078 The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6...

Open Source Vulnerability Database (OSVDB)

id Description
75016 Openswan Multiple File Permissions Weakness Arbitrary File Write
60992 FreeS/WAN ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS)
60991 Openswan ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS)
49096 Openswan IPSEC livetest Tool Multiple Temporary File Symlink Arbitrary File O...
13195 Openswan XAUTH/PAM get_internal_addresses() Function Remote Overflow
7281 Swan Products X.509 Certificate Validation Bypass and DoS

ExploitDB Exploits

id Description
9135 Openswan <= 2.4.12/2.6.16 Insecure Temp File Creation Root Exploit

OpenVAS Exploits

id Description
2012-04-30 Name : Gentoo Security Advisory GLSA 201203-13 (Openswan)
File : nvt/glsa_201203_13.nasl
2011-08-09 Name : CentOS Update for openswan CESA-2009:0402 centos5 i386
File : nvt/gb_CESA-2009_0402_openswan_centos5_i386.nasl
2009-10-10 Name : SLES9: Security update for freeswan
File : nvt/sles9p5018500.nasl
2009-04-15 Name : CentOS Security Advisory CESA-2009:0402 (openswan)
File : nvt/ovcesa2009_0402.nasl
2009-04-06 Name : RedHat Security Advisory RHSA-2009:0402
File : nvt/RHSA_2009_0402.nasl
2009-04-06 Name : Debian Security Advisory DSA 1760-1 (openswan)
File : nvt/deb_1760_1.nasl
2009-03-13 Name : Gentoo Security Advisory GLSA 200903-18 (openswan)
File : nvt/glsa_200903_18.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200406-20 (Openswan)
File : nvt/glsa_200406_20.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200512-04 (openswan ipsec-tools)
File : nvt/glsa_200512_04.nasl

Nessus® Vulnerability Scanner

id Description
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2009-0402.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20090330_openswan_on_SL5_x.nasl - Type: ACT_GATHER_INFO
2012-03-19 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201203-13.nasl - Type: ACT_GATHER_INFO
2010-01-06 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2009-0402.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_10753.nasl - Type: ACT_GATHER_INFO
2009-03-31 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1760.nasl - Type: ACT_GATHER_INFO
2009-03-31 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2009-0402.nasl - Type: ACT_GATHER_INFO
2009-03-10 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200903-18.nasl - Type: ACT_GATHER_INFO
2005-12-30 Name: The remote host is missing a vendor-supplied security patch
File: suse_SA_2005_070.nasl - Type: ACT_GATHER_INFO
2005-12-15 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200512-04.nasl - Type: ACT_GATHER_INFO
2005-11-22 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-1092.nasl - Type: ACT_GATHER_INFO
2005-11-22 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-1093.nasl - Type: ACT_GATHER_INFO
2005-02-02 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-082.nasl - Type: ACT_GATHER_INFO
2004-08-30 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200406-20.nasl - Type: ACT_GATHER_INFO
2004-07-31 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2004-070.nasl - Type: ACT_GATHER_INFO