5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.024 Low
EPSS
Percentile
89.7%
CentOS Errata and Security Advisory CESA-2014:0185
Openswan is a free implementation of Internet Protocol Security (IPsec) and
Internet Key Exchange (IKE). IPsec uses strong cryptography to provide both
authentication and encryption services. These services allow you to build
secure tunnels through untrusted networks.
A NULL pointer dereference flaw was discovered in the way Openswanβs IKE
daemon processed IKEv2 payloads. A remote attacker could send specially
crafted IKEv2 payloads that, when processed, would lead to a denial of
service (daemon crash), possibly causing existing VPN connections to be
dropped. (CVE-2013-6466)
All openswan users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2014-February/082323.html
https://lists.centos.org/pipermail/centos-announce/2014-February/082324.html
Affected packages:
openswan
openswan-doc
Upstream details at:
https://access.redhat.com/errata/RHSA-2014:0185
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 6 | i686 | openswan | <Β 2.6.32-27.2.el6_5 | openswan-2.6.32-27.2.el6_5.i686.rpm |
CentOS | 6 | i686 | openswan-doc | <Β 2.6.32-27.2.el6_5 | openswan-doc-2.6.32-27.2.el6_5.i686.rpm |
CentOS | 6 | x86_64 | openswan | <Β 2.6.32-27.2.el6_5 | openswan-2.6.32-27.2.el6_5.x86_64.rpm |
CentOS | 6 | x86_64 | openswan-doc | <Β 2.6.32-27.2.el6_5 | openswan-doc-2.6.32-27.2.el6_5.x86_64.rpm |
CentOS | 5 | i386 | openswan | <Β 2.6.32-7.3.el5_10 | openswan-2.6.32-7.3.el5_10.i386.rpm |
CentOS | 5 | i386 | openswan-doc | <Β 2.6.32-7.3.el5_10 | openswan-doc-2.6.32-7.3.el5_10.i386.rpm |
CentOS | 5 | x86_64 | openswan | <Β 2.6.32-7.3.el5_10 | openswan-2.6.32-7.3.el5_10.x86_64.rpm |
CentOS | 5 | x86_64 | openswan-doc | <Β 2.6.32-7.3.el5_10 | openswan-doc-2.6.32-7.3.el5_10.x86_64.rpm |