Page 2 of 7 results (0.009 seconds)

CVSS: 5.0EPSS: 84%CPEs: 60EXPL: 0

The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK Dead Peer Detection (DPD) IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD. El demonio IKE pluto de Openswan y Strongswan IPsec v2.6 anterior a v2.6.21 y v2.4 anterior a v2.4.14, y Strongswan v4.2 anterior a v4.2.14 y v2.8 anteior a v2.8.9; permite a atacantes remotos provocar una denegación de servicio (caída del demonio y reinicio) a través de (1) R_U_THERE o (2) R_U_THERE_ACK Detección de pares muertos (Dead Peer Detection -DPD) mensaje de Notificación IKE IPsec que provoca una referencia a puntero nulo relacionado con el estado inconsistente ISAKMP y la falta de un estado de asociacion phase2 en DPD. • http://download.strongswan.org/CHANGES4.txt http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://secunia.com/advisories/34472 http://secunia.com/advisories/34483 http://secunia.com/advisories/34494 http://secunia.com/advisories/34546 http://www.debian.org/security/2009/dsa-1759 http://www.debian.org/security/2009/dsa-1760 http://www.openswan.org/CVE-2009-0790/CVE-2009-0790.txt http://www.redhat.com/support/errata/RHSA-2009-0402.html http:/ • CWE-20: Improper Input Validation •

CVSS: 4.4EPSS: 0%CPEs: 41EXPL: 1

The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream version, this tool has been disabled. La herramienta livetest de IPSEC en Openswan versión 2.4.12 y anteriores, y versiones 2.6.x hasta 2.6.16, permite a los usuarios locales sobrescribir archivos arbitrarios y ejecutar código arbitrario mediante un ataque de tipo symlink en los archivos temporales (1) ipseclive.conn y (2) ipsec.olts.remote.log. NOTA: en muchas distribuciones y en la versión anterior, esta herramienta se ha deshabilitado. Openswan versions equal to and below 2.4.12/2.6.16 suffer from an insecure file creation vulnerability that allows for privilege escalation. • https://www.exploit-db.com/exploits/9135 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496374 http://dev.gentoo.org/~rbu/security/debiantemp/openswan http://secunia.com/advisories/34182 http://secunia.com/advisories/34472 http://www.debian.org/security/2009/dsa-1760 http://www.openwall.com/lists/oss-security/2008/10/30/2 http://www.redhat.com/support/errata/RHSA-2009-0402.html http://www.securityfocus.com/archive/1/501624/100/0/threaded http://www.securi • CWE-59: Improper Link Resolution Before File Access ('Link Following') •