Download
| Alert*
oval:org.secpod.oval:def:1600202
A buffer overflow flaw was found in Openswan. If Opportunistic Encryption were enabled and an RSA key configured, an attacker able to cause a system to perform a DNS lookup for an attacker-controlled domain containing malicious records could cause Openswan"s pluto IKE daemon to crash or, potential ... oval:org.secpod.oval:def:202879 Openswan is a free implementation of Internet Protocol Security and Internet Key Exchange . IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. When using Opportunistic Encryption, Opensw ... oval:org.secpod.oval:def:1300235 Multiple vulnerabilities has been discovered and corrected in openswan: The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the ipseclive.conn and ipsec.olts.remote.log ... oval:org.secpod.oval:def:202881 Openswan is a free implementation of Internet Protocol Security and Internet Key Exchange . IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. When using Opportunistic Encryption, Opensw ... oval:org.secpod.oval:def:1500171 Updated openswan packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is av ... oval:org.secpod.oval:def:1500173 Updated openswan packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is av ... oval:org.secpod.oval:def:601249 Two vulnerabilities were fixed in Openswan, an IKE/IPsec implementation for Linux. CVE-2013-2053 During an audit of Libreswan , Florian Weimer found a remote buffer overflow in the atodn function. This vulnerability can be triggered when Opportunistic Encryption is enabled and an attacker controls ... oval:org.secpod.oval:def:501056 Openswan is a free implementation of Internet Protocol Security and Internet Key Exchange . IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. When using Opportunistic Encryption, Opensw ... |