Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201411-07
HistoryNov 23, 2014 - 12:00 a.m.

Openswan: Denial of service

2014-11-2300:00:00
Gentoo Foundation
security.gentoo.org
11

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.024 Low

EPSS

Percentile

89.7%

JSON

Background

Openswan is an implementation of IPsec for Linux.

Description

A NULL pointer dereference has been found in Openswan.

Impact

A remote attacker could create a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

Gentoo has discontinued support for Openswan. We recommend that users unmerge Openswan:

 # emerge --unmerge "net-misc/openswan"

NOTE: The Gentoo developer(s) maintaining Openswan have discontinued support at this time. It may be possible that a new Gentoo developer will update Openswan at a later date. Alternatives packages such as Libreswan and strongSwan are currently available in Gentoo Portage.

OSVersionArchitecturePackageVersionFilename
Gentooanyallnet-misc/openswan<=Β 2.6.39-r1UNKNOWN

Related

openvas 12
amazon 1
nessus 7
mageia 1
cve 1
oraclelinux 1
redhat 1
centos 1
prion 1
ics 1
seebug 1
securityvulns 2
ubuntucve 2
debian 1
osv 1
openvas
openvas
CentOS Update for openswan CESA-2014:0185 centos5
2014-02-20 00:00:00
Amazon Linux: Security Advisory (ALAS-2014-303)
2015-09-08 00:00:00
CentOS Update for openswan CESA-2014:0185 centos5
2014-02-20 00:00:00
amazon
amazon
Medium: openswan
2014-03-10 09:40:00
nessus
nessus
CentOS 5 / 6 : openswan (CESA-2014:0185)
2014-02-19 00:00:00
GLSA-201411-07 : Openswan: Denial of Service
2014-11-24 00:00:00
Scientific Linux Security Update : openswan on SL5.x, SL6.x i386/x86_64 (20140218)
2014-02-19 00:00:00
mageia
mageia
Updated openswan packages fix CVE-2013-6466
2014-02-26 01:39:07
cve
cve
CVE-2013-6466
2014-01-26 20:55:00
oraclelinux
oraclelinux
openswan security update
2014-02-18 00:00:00
redhat
redhat
(RHSA-2014:0185) Moderate: openswan security update
2014-02-18 00:00:00
centos
centos
openswan security update
2014-02-18 19:52:25
prion
prion
Null pointer dereference
2014-01-26 20:55:00
ics
ics
PHOENIX CONTACT, Innominate Security Technologies mGuard Firmware
2017-09-07 12:00:00
seebug
seebug
Openswan IKEv2θ΄Ÿθ½½θΏœη¨‹ζ‹’η»ζœεŠ‘ζΌζ΄ž
2014-02-20 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2893-1] openswan security update
2014-04-07 00:00:00
Openswan / Strongswan security vulnerabilities
2014-05-07 00:00:00
ubuntucve
ubuntucve
CVE-2014-2037
2014-11-26 00:00:00
CVE-2013-6466
2014-01-26 00:00:00
debian
debian
[SECURITY] [DSA 2893-1] openswan security update
2014-03-31 20:01:56
osv
osv
openswan - security update
2014-03-31 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.024 Low

EPSS

Percentile

89.7%

JSON
Related for GLSA-201411-07
openvas12amazon1nessus7mageia1cve1oraclelinux1redhat1centos1prion1ics1seebug1securityvulns2ubuntucve2debian1osv1