Test ID:	1.3.6.1.4.1.25623.1.0.63732
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-1760-1)
Summary:	The remote host is missing an update for the Debian 'openswan' package(s) announced via the DSA-1760-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'openswan' package(s) announced via the DSA-1760-1 advisory. Vulnerability Insight: Two vulnerabilities have been discovered in openswan, an IPSec implementation for linux. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-4190 Dmitry E. Oboukhov discovered that the livetest tool is using temporary files insecurely, which could lead to a denial of service attack. CVE-2009-0790 Gerd v. Egidy discovered that the Pluto IKE daemon in openswan is prone to a denial of service attack via a malicious packet. For the oldstable distribution (etch), this problem has been fixed in version 2.4.6+dfsg.2-1.1+etch1. For the stable distribution (lenny), this problem has been fixed in version 2.4.12+dfsg-1.3+lenny1. For the testing distribution (squeeze) and the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your openswan packages. Affected Software/OS: 'openswan' package(s) on Debian 4, Debian 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4190 BugTraq ID: 31243 http://www.securityfocus.com/bid/31243 Bugtraq: 20090310 Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation (Google Search) http://www.securityfocus.com/archive/1/501624/100/0/threaded http://www.securityfocus.com/archive/1/501640/100/0/threaded Debian Security Information: DSA-1760 (Google Search) http://www.debian.org/security/2009/dsa-1760 https://www.exploit-db.com/exploits/9135 http://www.openwall.com/lists/oss-security/2008/10/30/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10078 http://www.redhat.com/support/errata/RHSA-2009-0402.html http://secunia.com/advisories/34182 http://secunia.com/advisories/34472 XForce ISS Database: openswan-livetest-symlink(45250) https://exchange.xforce.ibmcloud.com/vulnerabilities/45250 Common Vulnerability Exposure (CVE) ID: CVE-2009-0790 1021949 http://www.securitytracker.com/id?1021949 1021950 http://www.securitytracker.com/id?1021950 20090330 CVE-2009-0790: ISAKMP DPD Remote Vulnerability with Openswan & Strongswan IPsec http://www.securityfocus.com/archive/1/502270/100/0/threaded 34296 http://www.securityfocus.com/bid/34296 34472 34483 http://secunia.com/advisories/34483 34494 http://secunia.com/advisories/34494 34546 http://secunia.com/advisories/34546 ADV-2009-0886 http://www.vupen.com/english/advisories/2009/0886 DSA-1759 http://www.debian.org/security/2009/dsa-1759 DSA-1760 RHSA-2009:0402 SUSE-SR:2009:009 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://download.strongswan.org/CHANGES4.txt http://www.openswan.org/CVE-2009-0790/CVE-2009-0790.txt openswan-strongswan-dpd-dos(49523) https://exchange.xforce.ibmcloud.com/vulnerabilities/49523 oval:org.mitre.oval:def:11171 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11171
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.