CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2010-3752 – Openswan: Gateway arbitrary code execution via shell metacharacters in cisco_dns_info or cisco_domain_info data in packet
https://notcve.org/view.php?id=CVE-2010-3752
programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in (1) cisco_dns_info or (2) cisco_domain_info data in a packet, a different vulnerability than CVE-2010-3302. programs/pluto/xauth.c en el cliente en Openswan v2.6.26 a v2.6.28 permite ejecutar, a gateways autenticados remotos, comandos de su elección a través de metacaracteres encubiertos en el campo cisco_banner (también conocido como server_banner). Se trata de una vulnerabilidad diferente a CVE-2010-3308. • http://www.openswan.org/download/CVE-2010-3302/CVE-2010-3302.txt http://www.openswan.org/download/CVE-2010-3302/openswan-2.6.25-CVE-2010-3302.patch http://www.openswan.org/download/CVE-2010-3308/openswan-2.6.26-2.6.28-CVE-2010-330x.patch http://www.redhat.com/support/errata/RHSA-2010-0892.html http://www.securityfocus.com/bid/43588 http://www.securitytracker.com/id?1024749 http://www.vupen.com/english/advisories/2010/2526 https://access.redhat.com/security/cve/C • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2010-3753 – Openswan: Gateway arbitrary execution via shell metacharacters in the cisco_banner
https://notcve.org/view.php?id=CVE-2010-3753
programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in the cisco_banner (aka server_banner) field, a different vulnerability than CVE-2010-3308. programs/pluto/xauth.c en el cliente en Openswan v2.6.26 a v2.6.28 permite ejecutar, a gateways autenticados remotos, comandos de su elección a través de metacaracteres encubiertos en el campo cisco_banner (también conocido como server_banner). Se trata de una vulnerabilidad diferente a CVE-2010-3308. • http://www.openswan.org/download/CVE-2010-3308/CVE-2010-3308.txt http://www.openswan.org/download/CVE-2010-3308/openswan-2.6.26-2.6.28-CVE-2010-330x.patch http://www.redhat.com/support/errata/RHSA-2010-0892.html http://www.securityfocus.com/bid/43588 http://www.securitytracker.com/id?1024749 http://www.vupen.com/english/advisories/2010/2526 https://access.redhat.com/security/cve/CVE-2010-3753 https://bugzilla.redhat.com/show_bug.cgi?id=640715 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.1EPSS: 4%CPEs: 3EXPL: 0CVE-2010-3308 – Openswan cisco banner option handling vulnerability
https://notcve.org/view.php?id=CVE-2010-3308
Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via a long cisco_banner (aka server_banner) field. Desbordamiento de búfer en programs/pluto/xauth.c en el cliente en Openswan v2.6.26 a v2.6.28 podría permitir ejecutar código de su elección a gateways autenticados remotos o causar una denegación de servicio a través de valor excesivamente largo en cisco_banner (también conocido como server_banner). • http://lists.fedoraproject.org/pipermail/package-announce/2010-October/048999.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049053.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049073.html http://secunia.com/advisories/41769 http://www.openswan.org/download/CVE-2010-3308/CVE-2010-3308.txt http://www.openswan.org/download/CVE-2010-3308/openswan-2.6.26-2.6.28-CVE-2010-330x.patch http://www.redhat.com/support/errata/RHSA-2010-0892.htm • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •