Summary
Detail | | | |
---|---|---|---|
Vendor | Openswan | First view | 2004-12-06 |
Product | Openswan | Last view | 2011-05-20 |
Version | | Type | |
Update | | | |
Edition | | | |
Language | | | |
Software Edition | | | |
Target Software | | | |
Target Hardware | | | |
Other | | | |
Activity : Overall
COMMON PLATFORM ENUMERATION: Distribution per Version
Related : CVE
CVSS score | Date | Alert | Description |
---|---|---|---|
3.6 | 2011-05-20 | CVE-2011-2147 | Openswan 2.2.x does not properly restrict permissions for (1) /var/run/starter.pid, related to starter.c in the IPsec starter, and (2) /var/lock/subsys/ipsec, which allows local users to kill arbitrary processes by writing a PID to a file, or possibly bypass disk quotas by writing arbitrary data to a file, as demonstrated by files with 0666 permissions, a different vulnerability than CVE-2011-1784. |
4.4 | 2008-09-24 | CVE-2008-4190 | The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream version, this tool has been disabled. |
7.8 | 2005-11-18 | CVE-2005-3671 | The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. |
7.2 | 2005-01-26 | CVE-2005-0162 | Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code. |
10 | 2004-12-06 | CVE-2004-0590 | FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
50% (1) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:10078 | The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6... |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
75016 | Openswan Multiple File Permissions Weakness Arbitrary File Write |
60992 | FreeS/WAN ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) |
60991 | Openswan ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) |
49096 | Openswan IPSEC livetest Tool Multiple Temporary File Symlink Arbitrary File O... |
13195 | Openswan XAUTH/PAM get_internal_addresses() Function Remote Overflow |
7281 | Swan Products X.509 Certificate Validation Bypass and DoS |
ExploitDB Exploits
id | Description |
---|---|
9135 | Openswan <= 2.4.12/2.6.16 Insecure Temp File Creation Root Exploit |
OpenVAS Exploits
Date | Description |
---|---|
2012-04-30 | Name : Gentoo Security Advisory GLSA 201203-13 (Openswan) File : nvt/glsa_201203_13.nasl |
2011-08-09 | Name : CentOS Update for openswan CESA-2009:0402 centos5 i386 File : nvt/gb_CESA-2009_0402_openswan_centos5_i386.nasl |
2009-10-10 | Name : SLES9: Security update for freeswan File : nvt/sles9p5018500.nasl |
2009-04-15 | Name : CentOS Security Advisory CESA-2009:0402 (openswan) File : nvt/ovcesa2009_0402.nasl |
2009-04-06 | Name : RedHat Security Advisory RHSA-2009:0402 File : nvt/RHSA_2009_0402.nasl |
2009-04-06 | Name : Debian Security Advisory DSA 1760-1 (openswan) File : nvt/deb_1760_1.nasl |
2009-03-13 | Name : Gentoo Security Advisory GLSA 200903-18 (openswan) File : nvt/glsa_200903_18.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200406-20 (Openswan) File : nvt/glsa_200406_20.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200512-04 (openswan ipsec-tools) File : nvt/glsa_200512_04.nasl |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2009-0402.nasl - Type: ACT_GATHER_INFO |
2012-08-01 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20090330_openswan_on_SL5_x.nasl - Type: ACT_GATHER_INFO |
2012-03-19 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201203-13.nasl - Type: ACT_GATHER_INFO |
2010-01-06 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2009-0402.nasl - Type: ACT_GATHER_INFO |
2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_10753.nasl - Type: ACT_GATHER_INFO |
2009-03-31 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-1760.nasl - Type: ACT_GATHER_INFO |
2009-03-31 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2009-0402.nasl - Type: ACT_GATHER_INFO |
2009-03-10 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-200903-18.nasl - Type: ACT_GATHER_INFO |
2005-12-30 | Name: The remote host is missing a vendor-supplied security patch File: suse_SA_2005_070.nasl - Type: ACT_GATHER_INFO |
2005-12-15 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-200512-04.nasl - Type: ACT_GATHER_INFO |
2005-11-22 | Name: The remote Fedora Core host is missing a security update. File: fedora_2005-1092.nasl - Type: ACT_GATHER_INFO |
2005-11-22 | Name: The remote Fedora Core host is missing a security update. File: fedora_2005-1093.nasl - Type: ACT_GATHER_INFO |
2005-02-02 | Name: The remote Fedora Core host is missing a security update. File: fedora_2005-082.nasl - Type: ACT_GATHER_INFO |
2004-08-30 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-200406-20.nasl - Type: ACT_GATHER_INFO |
2004-07-31 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2004-070.nasl - Type: ACT_GATHER_INFO |