Secunia Security Advisory 34472

Secunia Security Advisory 34472: Posted Mar 31, 2009; Authored by Secunia | Site secunia.com; Secunia Security Advisory - Debian has issued an update for openswan. This fixes a vulnerability and a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to cause a DoS (Denial of Service).; tags | advisory, denial of service, local; systems | linux, debian; SHA-256 | 590c9000d292b46c9a8346103d499a94241b1565f72b34dc3eab16baef30d165; Download | Favorite | View

Secunia Security Advisory 34472

----------------------------------------------------------------------

Secunia is pleased to announce the release of the annual Secunia
report for 2008.

Highlights from the 2008 report:
 * Vulnerability Research
 * Software Inspection Results
 * Secunia Research Highlights
 * Secunia Advisory Statistics

Request the full 2008 Report here:
http://secunia.com/advisories/try_vi/request_2008_report/

Stay Secure,

Secunia


----------------------------------------------------------------------

TITLE:
Debian update for openswan

SECUNIA ADVISORY ID:
SA34472

VERIFY ADVISORY:
http://secunia.com/advisories/34472/

DESCRIPTION:
Debian has issued an update for openswan. This fixes a vulnerability
and a security issue, which can be exploited by malicious, local
users to perform certain actions with escalated privileges and by
malicious people to cause a DoS (Denial of Service).

1) An error in the processing of Dead Peer Detection packets can be
exploited to cause a crash.

For more information:
SA34483

2) The "IPSEC livetest" tool uses the "ipseclive.conn" and
"ipsec.olts.remote.log" temporary files in an insecure manner. This
can be exploited to e.g. overwrite arbitrary files via symlink
attacks.

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 4.0 alias etch --

Source archives:

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1.diff.gz
Size/MD5 checksum: 92351 d43193ea57c9ba646aa9a2ae479c65dd
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2.orig.tar.gz
Size/MD5 checksum: 3555236 e5ef22979f8a67038f445746fdc7ff38
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1.dsc
Size/MD5 checksum: 887 0bb9a0b8fda2229aed2ea1e7755259db

Architecture independent packages:

http://security.debian.org/pool/updates/main/o/openswan/linux-patch-openswan_2.4.6+dfsg.2-1.1+etch1_all.deb
Size/MD5 checksum: 598920 7f24c626025d0725409fc5f282834859
http://security.debian.org/pool/updates/main/o/openswan/openswan-modules-source_2.4.6+dfsg.2-1.1+etch1_all.deb
Size/MD5 checksum: 525862 69a5d63858abbde46369f1178715bb23

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_alpha.deb
Size/MD5 checksum: 1742492 a6a7ab937c9a172c74e19bf85ed5af15

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_amd64.deb
Size/MD5 checksum: 1744812 6c1cd62d31174fce3dae9b8393594c73

arm architecture (ARM)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_arm.deb
Size/MD5 checksum: 1719132 30678772efa350b67ba19b7eb5ebc4c2

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_hppa.deb
Size/MD5 checksum: 1758480 cc2108239ed20143d7dc8ead6c6cb6c0

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_i386.deb
Size/MD5 checksum: 1712448 07a390d204baaf83a5fb4cb6745a786a

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_ia64.deb
Size/MD5 checksum: 1930720 1c95baf380d131f78767af55841566ab

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_mips.deb
Size/MD5 checksum: 1692214 90f1710f68414a17fb4d29168746bbed

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_mipsel.deb
Size/MD5 checksum: 1697294 ce452a37b284bd1c49925482c4be6554

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_powerpc.deb
Size/MD5 checksum: 1667818 786f2533b336ced17cb15b988586c224

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_s390.deb
Size/MD5 checksum: 1671506 d8981c0fd7db865ae7a2172b7d6a4ffa

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_sparc.deb
Size/MD5 checksum: 1622248 f6cd4abafd3ddfdcc50ad4a346bde5cf


-- Debian GNU/Linux 5.0 alias lenny --

Source archives:

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1.dsc
Size/MD5 checksum: 1315 df7cd3ea125815e36b74b98857b3d5be
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg.orig.tar.gz
Size/MD5 checksum: 3765276 f753413e9c705dee9a23ab8db6c26ee4
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1.diff.gz
Size/MD5 checksum: 127288 eaed626706af274b44a51210f8eb9d13

Architecture independent packages:

http://security.debian.org/pool/updates/main/o/openswan/openswan-modules-source_2.4.12+dfsg-1.3+lenny1_all.deb
Size/MD5 checksum: 544388 a26397193d910b2b469fba692760e4a2
http://security.debian.org/pool/updates/main/o/openswan/linux-patch-openswan_2.4.12+dfsg-1.3+lenny1_all.deb
Size/MD5 checksum: 609908 dbbd73cc5402dc1b3e1ae205546f4d9f

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_alpha.deb
Size/MD5 checksum: 1754216 1b179d83df0d9efa17f6987e9c9501d8

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_amd64.deb
Size/MD5 checksum: 1772492 f330caae76805540227bf51974dbd6c6

arm architecture (ARM)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_arm.deb
Size/MD5 checksum: 1756426 ca71fca809dd7268ae73365bfe13fd12

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_armel.deb
Size/MD5 checksum: 1736800 0d22e152defbd8f1c71831ac407ae34a

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_hppa.deb
Size/MD5 checksum: 1775916 a9fc238495fe9c5c7f770d08e677639b

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_i386.deb
Size/MD5 checksum: 1730858 3187b4ea1c4b4827e2016abb8ff44eae

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_ia64.deb
Size/MD5 checksum: 1964194 6fbf238ebc2e1294349985fb42ccab28

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_mips.deb
Size/MD5 checksum: 1703004 61a50f377061161973b841833752aafb

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_mipsel.deb
Size/MD5 checksum: 1709240 a0f724d83f9435684af2aec5a2386545

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_powerpc.deb
Size/MD5 checksum: 1710422 41aab00fccc6b17ae3d6a9a4aaccd729

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_s390.deb
Size/MD5 checksum: 1694918 31692764017d63e6a86f595ed9366e15

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_sparc.deb
Size/MD5 checksum: 1649130 681f2aa23b6d79c5ecf0e2dec3ffbd7f

-- Debian GNU/Linux unstable alias sid --

Reportedly, updated packages will be available soon.

ORIGINAL ADVISORY:
DSA-1760-1:
http://lists.debian.org/debian-security-announce/2009/msg00070.html

OTHER REFERENCES:
SA34483:
http://secunia.com/advisories/34483/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Top Authors In Last 30 Days

Red Hat 219 files
Ubuntu 55 files
LiquidWorm 20 files
Debian 18 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

Secunia Security Advisory 34472

Secunia Security Advisory 34472

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Secunia Security Advisory 34472

Share This

Secunia Security Advisory 34472

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems