Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200406-20 (Openswan)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.54605

Kategorie: Gentoo Local Security Checks

Titel: Gentoo Security Advisory GLSA 200406-20 (Openswan)

Zusammenfassung: The remote host is missing updates announced in;advisory GLSA 200406-20.

Beschreibung: Summary:
The remote host is missing updates announced in
advisory GLSA 200406-20.

Vulnerability Insight:
FreeS/WAN, Openswan, strongSwan and Super-FreeS/WAN contain two bugs when
authenticating PKCS#7 certificates. This could allow an attacker to
authenticate with a fake certificate.

Solution:
All FreeS/WAN 1.9x users should upgrade to the latest stable version:

# emerge sync

# emerge -pv '=net-misc/freeswan-1.99-r1'
# emerge '=net-misc/freeswan-1.99-r1'

All FreeS/WAN 2.x users should upgrade to the latest stable version:

# emerge sync

# emerge -pv '>=net-misc/freeswan-2.04-r1'
# emerge '>=net-misc/freeswan-2.04-r1'

All Openswan 1.x users should upgrade to the latest stable version:

# emerge sync

# emerge -pv '=net-misc/openswan-1.0.6_rc1'
# emerge '=net-misc/openswan-1.0.6_rc1'

All Openswan 2.x users should upgrade to the latest stable version:

# emerge sync

# emerge -pv '>=net-misc/openswan-2.1.4'
# emerge '>=net-misc/openswan-2.1.4'

All strongSwan users should upgrade to the latest stable version:

# emerge sync

# emerge -pv '>=net-misc/strongswan-2.1.3'
# emerge '>=net-misc/strongswan-2.1.3'

All Super-FreeS/WAN users should migrate to the latest stable version of
Openswan. Note that Portage will force a move for Super-FreeS/WAN users to
Openswan.

# emerge sync

# emerge -pv '=net-misc/openswan-1.0.6_rc1'
# emerge '=net-misc/openswan-1.0.6_rc1'

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2004-0590
http://security.gentoo.org/glsa/glsa-200406-20.xml
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:070
XForce ISS Database: ipsec-verifyx509cert-auth-bypass(16515)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16515

Copyright Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.54605
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200406-20 (Openswan)
Zusammenfassung:	The remote host is missing updates announced in;advisory GLSA 200406-20.
Beschreibung:	Summary: The remote host is missing updates announced in advisory GLSA 200406-20. Vulnerability Insight: FreeS/WAN, Openswan, strongSwan and Super-FreeS/WAN contain two bugs when authenticating PKCS#7 certificates. This could allow an attacker to authenticate with a fake certificate. Solution: All FreeS/WAN 1.9x users should upgrade to the latest stable version: # emerge sync # emerge -pv '=net-misc/freeswan-1.99-r1' # emerge '=net-misc/freeswan-1.99-r1' All FreeS/WAN 2.x users should upgrade to the latest stable version: # emerge sync # emerge -pv '>=net-misc/freeswan-2.04-r1' # emerge '>=net-misc/freeswan-2.04-r1' All Openswan 1.x users should upgrade to the latest stable version: # emerge sync # emerge -pv '=net-misc/openswan-1.0.6_rc1' # emerge '=net-misc/openswan-1.0.6_rc1' All Openswan 2.x users should upgrade to the latest stable version: # emerge sync # emerge -pv '>=net-misc/openswan-2.1.4' # emerge '>=net-misc/openswan-2.1.4' All strongSwan users should upgrade to the latest stable version: # emerge sync # emerge -pv '>=net-misc/strongswan-2.1.3' # emerge '>=net-misc/strongswan-2.1.3' All Super-FreeS/WAN users should migrate to the latest stable version of Openswan. Note that Portage will force a move for Super-FreeS/WAN users to Openswan. # emerge sync # emerge -pv '=net-misc/openswan-1.0.6_rc1' # emerge '=net-misc/openswan-1.0.6_rc1' CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0590 http://security.gentoo.org/glsa/glsa-200406-20.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:070 XForce ISS Database: ipsec-verifyx509cert-auth-bypass(16515) https://exchange.xforce.ibmcloud.com/vulnerabilities/16515
Copyright	Copyright (C) 2008 E-Soft Inc.