Openswan: Denial of Service
1.
Gentoo Linux Security Advisory
Version Information
| Advisory Reference |
GLSA 200909-05 / openswan |
| Release Date |
September 09, 2009 |
| Latest Revision |
September 09, 2009: 01 |
| Impact |
normal |
| Exploitable |
remote |
| Package |
Vulnerable versions |
Unaffected versions |
Architecture(s) |
| net-misc/openswan |
<
2.4.15 |
>=
2.4.15 |
All supported architectures
|
Related bugreports:
#264346, #275233
Synopsis
Multiple vulnerabilities in the pluto IKE daemon of Openswan might allow
remote attackers to cause a Denial of Service.
2.
Impact Information
Background
Openswan is an implementation of IPsec for Linux.
Description
Multiple vulnerabilities have been discovered in Openswan:
- Gerd v. Egidy reported a NULL pointer dereference in the Dead Peer
Detection of the pluto IKE daemon as included in Openswan
(CVE-2009-0790).
- The Orange Labs vulnerability research team
discovered multiple vulnerabilities in the ASN.1 parser
(CVE-2009-2185).
Impact
A remote attacker could exploit these vulnerabilities by sending
specially crafted R_U_THERE or R_U_THERE_ACK packets, or a specially
crafted X.509 certificate containing a malicious Relative Distinguished
Name (RDN), UTCTIME string or GENERALIZEDTIME string to cause a Denial
of Service of the pluto IKE daemon.
3.
Resolution Information
Workaround
There is no known workaround at this time.
Resolution
All Openswan users should upgrade to the latest version:
Code Listing 3.1: Resolution |
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/openswan-2.4.15"
|
4.
References
|
