English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.880853
Categoría:CentOS Local Security Checks
Título:CentOS Update for openswan CESA-2009:0402 centos5 i386
Resumen:The remote host is missing an update for the 'openswan'; package(s) announced via the referenced advisory.
Descripción:Summary:
The remote host is missing an update for the 'openswan'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Openswan is a free implementation of Internet Protocol Security (IPsec)
and Internet Key Exchange (IKE). IPsec uses strong cryptography to provide
both authentication and encryption services. These services allow you to
build secure tunnels through untrusted networks. Everything passing through
the untrusted network is encrypted by the IPsec gateway machine, and
decrypted by the gateway at the other end of the tunnel. The resulting
tunnel is a virtual private network (VPN).

Gerd v. Egidy discovered a flaw in the Dead Peer Detection (DPD) in
Openswan's pluto IKE daemon. A remote attacker could use a malicious DPD
packet to crash the pluto daemon. (CVE-2009-0790)

It was discovered that Openswan's livetest script created temporary files
in an insecure manner. A local attacker could use this flaw to overwrite
arbitrary files owned by the user running the script. (CVE-2008-4190)

Note: The livetest script is an incomplete feature and was not
automatically executed by any other script distributed with Openswan, or
intended to be used at all, as was documented in its man page. In these
updated packages, the script only prints an informative message and exits
immediately when run.

All users of openswan are advised to upgrade to these updated packages,
which contain backported patches to correct these issues. After installing
this update, the ipsec service will be restarted automatically.

Affected Software/OS:
openswan on CentOS 5

Solution:
Please install the updated packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-4190
BugTraq ID: 31243
http://www.securityfocus.com/bid/31243
Bugtraq: 20090310 Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation (Google Search)
http://www.securityfocus.com/archive/1/501624/100/0/threaded
http://www.securityfocus.com/archive/1/501640/100/0/threaded
Debian Security Information: DSA-1760 (Google Search)
http://www.debian.org/security/2009/dsa-1760
https://www.exploit-db.com/exploits/9135
http://www.openwall.com/lists/oss-security/2008/10/30/2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10078
http://www.redhat.com/support/errata/RHSA-2009-0402.html
http://secunia.com/advisories/34182
http://secunia.com/advisories/34472
XForce ISS Database: openswan-livetest-symlink(45250)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45250
Common Vulnerability Exposure (CVE) ID: CVE-2009-0790
1021949
http://www.securitytracker.com/id?1021949
1021950
http://www.securitytracker.com/id?1021950
20090330 CVE-2009-0790: ISAKMP DPD Remote Vulnerability with Openswan & Strongswan IPsec
http://www.securityfocus.com/archive/1/502270/100/0/threaded
34296
http://www.securityfocus.com/bid/34296
34472
34483
http://secunia.com/advisories/34483
34494
http://secunia.com/advisories/34494
34546
http://secunia.com/advisories/34546
ADV-2009-0886
http://www.vupen.com/english/advisories/2009/0886
DSA-1759
http://www.debian.org/security/2009/dsa-1759
DSA-1760
RHSA-2009:0402
SUSE-SR:2009:009
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
http://download.strongswan.org/CHANGES4.txt
http://www.openswan.org/CVE-2009-0790/CVE-2009-0790.txt
openswan-strongswan-dpd-dos(49523)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49523
oval:org.mitre.oval:def:11171
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11171
CopyrightCopyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.