Executive Summary
Summary | |
---|---|
Title | openswan security update |
Information | |||
---|---|---|---|
Name | DSA-2893 | First vendor Publication | 2014-03-31 |
Vendor | Debian | Last vendor Modification | 2014-03-31 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Exploit Score | 8.6 | Authentication | None Required |
Detail
Two vulnerabilities were fixed in Openswan, an IKE/IPsec implementation for Linux.
CVE-2013-2053: During an audit of Libreswan (with which Openswan shares some code), Florian Weimer found a remote buffer overflow in the atodn() function. This vulnerability can be triggered when Opportunistic Encryption (OE) is enabled and an attacker controls the PTR record of a peer IP address. Authentication is not needed to trigger the vulnerability.
CVE-2013-6466: Iustina Melinte found a vulnerability in Libreswan which also applies to the Openswan code. By carefully crafting IKEv2 packets, an attacker can make the pluto daemon dereference non-received IKEv2 payloads, leading to a daemon crash. Authentication is not needed to trigger the vulnerability.
Patches were originally written to fix the vulnerabilities in Libreswan, and have been ported to Openswan by Paul Wouters from the Libreswan Project.
Since the Openswan package is no longer maintained in the Debian distribution and is not available in the testing and unstable suites, IKE/IPsec users are advised to switch to a supported implementation like strongSwan.
For the oldstable distribution (squeeze), these problems have been fixed in version 2.6.28+dfsg-5+squeeze2.
For the stable distribution (wheezy), these problems have been fixed in version 2.6.37-3.1.
We recommend that you upgrade your openswan packages.
Original Source
Url : http://www.debian.org/security/2014/dsa-2893 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:21119 | |||
Oval ID: | oval:org.mitre.oval:def:21119 | ||
Title: | RHSA-2013:0827: openswan security update (Important) | ||
Description: | Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0827-01 CESA-2013:0827 CVE-2013-2053 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | openswan |
Definition Id: oval:org.mitre.oval:def:23135 | |||
Oval ID: | oval:org.mitre.oval:def:23135 | ||
Title: | DEPRECATED: ELSA-2013:0827: openswan security update (Important) | ||
Description: | Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0827-01 CVE-2013-2053 | Version: | 7 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | openswan |
Definition Id: oval:org.mitre.oval:def:23503 | |||
Oval ID: | oval:org.mitre.oval:def:23503 | ||
Title: | DSA-2893-1 openswan - security update | ||
Description: | Two vulnerabilities were fixed in Openswan, an IKE/IPsec implementation for Linux. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2893-1 CVE-2013-2053 CVE-2013-6466 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 | Product(s): | openswan |
Definition Id: oval:org.mitre.oval:def:23561 | |||
Oval ID: | oval:org.mitre.oval:def:23561 | ||
Title: | DEPRECATED: ELSA-2014:0185: openswan security update (Moderate) | ||
Description: | Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0185-00 CVE-2013-6466 | Version: | 7 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | openswan |
Definition Id: oval:org.mitre.oval:def:23764 | |||
Oval ID: | oval:org.mitre.oval:def:23764 | ||
Title: | ELSA-2013:0827: openswan security update (Important) | ||
Description: | Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0827-01 CVE-2013-2053 | Version: | 6 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | openswan |
Definition Id: oval:org.mitre.oval:def:23892 | |||
Oval ID: | oval:org.mitre.oval:def:23892 | ||
Title: | ELSA-2014:0185: openswan security update (Moderate) | ||
Description: | Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0185-00 CVE-2013-6466 | Version: | 6 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | openswan |
Definition Id: oval:org.mitre.oval:def:24155 | |||
Oval ID: | oval:org.mitre.oval:def:24155 | ||
Title: | RHSA-2014:0185: openswan security update (Moderate) | ||
Description: | Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0185-00 CESA-2014:0185 CVE-2013-6466 | Version: | 7 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | openswan |
Definition Id: oval:org.mitre.oval:def:25464 | |||
Oval ID: | oval:org.mitre.oval:def:25464 | ||
Title: | SUSE-SU-2013:1150-1 -- Security update for openswan | ||
Description: | This openswan update fixes a remote buffer overflow issue (bnc#824316 / CVE-2013-2053). Security Issue reference: CVE-2013-2053 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2053> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1150-1 CVE-2013-2053 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 10 | Product(s): | openswan |
Definition Id: oval:org.mitre.oval:def:27208 | |||
Oval ID: | oval:org.mitre.oval:def:27208 | ||
Title: | DEPRECATED: ELSA-2014-0185 -- openswan security update (moderate) | ||
Description: | [2.6.32-27.2] - Resolves: rhbz#1050337 (CVE-2013-6466 refix for delete/notify code) [2.6.32-27.1] - Resolves: rhbz#1050337 (CVE-2013-6466) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0185 CVE-2013-6466 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | openswan |
Definition Id: oval:org.mitre.oval:def:27554 | |||
Oval ID: | oval:org.mitre.oval:def:27554 | ||
Title: | DEPRECATED: ELSA-2013-0827 -- openswan security update (important) | ||
Description: | [2.6.32-20] Resolves: #960234 - CVE-2013-2053 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0827 CVE-2013-2053 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | openswan |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201411-07.nasl - Type : ACT_GATHER_INFO |
2014-04-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2893.nasl - Type : ACT_GATHER_INFO |
2014-03-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-303.nasl - Type : ACT_GATHER_INFO |
2014-02-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0185.nasl - Type : ACT_GATHER_INFO |
2014-02-19 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0185.nasl - Type : ACT_GATHER_INFO |
2014-02-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0185.nasl - Type : ACT_GATHER_INFO |
2014-02-19 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140218_openswan_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-01-20 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201401-09.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-192.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0827.nasl - Type : ACT_GATHER_INFO |
2013-07-06 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_openswan-130625.nasl - Type : ACT_GATHER_INFO |
2013-07-06 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openswan-8627.nasl - Type : ACT_GATHER_INFO |
2013-05-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0827.nasl - Type : ACT_GATHER_INFO |
2013-05-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0827.nasl - Type : ACT_GATHER_INFO |
2013-05-16 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130515_openswan_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-04-03 13:22:39 | |
2014-04-01 00:22:11 | |