RedHat Update for openswan RHSA-2014:0185-01

RedHat Update for openswan RHSA-2014:0185-01. Affects IPsec implementation. Includes backported security patch to resolve NULL pointer dereference flaw

Reporter	Title	Published	Views	Family All 42
Amazon	Medium: openswan	10 Mar 201400:00	–	amazon
Tenable Nessus	Amazon Linux AMI : openswan (ALAS-2014-303)	12 Mar 201400:00	–	nessus
Tenable Nessus	CentOS 5 / 6 : openswan (CESA-2014:0185)	19 Feb 201400:00	–	nessus
Tenable Nessus	Debian DSA-2893-1 : openswan - security update	2 Apr 201400:00	–	nessus
Tenable Nessus	GLSA-201411-07 : Openswan: Denial of Service	24 Nov 201400:00	–	nessus
Tenable Nessus	MiracleLinux 4 : openswan-2.6.32-27.2.0.1.AXS4 (AXSA:2014-035:01)	16 Jan 202600:00	–	nessus
Tenable Nessus	Oracle Linux 5 / 6 : openswan (ELSA-2014-0185)	19 Feb 201400:00	–	nessus
Tenable Nessus	RHEL 5 / 6 : openswan (RHSA-2014:0185)	19 Feb 201400:00	–	nessus
Tenable Nessus	Scientific Linux Security Update : openswan on SL5.x, SL6.x i386/x86_64 (20140218)	19 Feb 201400:00	–	nessus
BDU FSTEC	The vulnerability of the Gentoo Linux operating system, which allows a malicious intruder to compromise the accessibility of protected information	28 Apr 201500:00	–	bdu_fstec

Source	Link
redhat	www.redhat.com/archives/rhsa-announce/2014-February/msg00024.html

###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for openswan RHSA-2014:0185-01
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");

if(description)
{
  script_id(871127);
  script_version("$Revision: 6688 $");
  script_tag(name:"last_modification", value:"$Date: 2017-07-12 11:49:31 +0200 (Wed, 12 Jul 2017) $");
  script_tag(name:"creation_date", value:"2014-02-20 15:25:04 +0530 (Thu, 20 Feb 2014)");
  script_cve_id("CVE-2013-6466");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_name("RedHat Update for openswan RHSA-2014:0185-01");

  tag_insight = "Openswan is a free implementation of Internet Protocol Security (IPsec) and
Internet Key Exchange (IKE). IPsec uses strong cryptography to provide both
authentication and encryption services. These services allow you to build
secure tunnels through untrusted networks.

A NULL pointer dereference flaw was discovered in the way Openswan's IKE
daemon processed IKEv2 payloads. A remote attacker could send specially
crafted IKEv2 payloads that, when processed, would lead to a denial of
service (daemon crash), possibly causing existing VPN connections to be
dropped. (CVE-2013-6466)

All openswan users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.
";

  tag_affected = "openswan on Red Hat Enterprise Linux (v. 5 server),
  Red Hat Enterprise Linux Desktop (v. 6),
  Red Hat Enterprise Linux Server (v. 6),
  Red Hat Enterprise Linux Workstation (v. 6)";

  tag_solution = "Please Install the Updated Packages.";


  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  script_xref(name: "RHSA", value: "2014:0185-01");
  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-February/msg00024.html");
  script_summary("Check for the Version of openswan");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
  script_family("Red Hat Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");

res = "";
if(release == NULL){
  exit(0);
}

if(release == "RHENT_6")
{

  if ((res = isrpmvuln(pkg:"openswan", rpm:"openswan~2.6.32~27.2.el6_5", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"openswan-debuginfo", rpm:"openswan-debuginfo~2.6.32~27.2.el6_5", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "RHENT_5")
{

  if ((res = isrpmvuln(pkg:"openswan", rpm:"openswan~2.6.32~7.3.el5_10", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"openswan-debuginfo", rpm:"openswan-debuginfo~2.6.32~7.3.el5_10", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"openswan-doc", rpm:"openswan-doc~2.6.32~7.3.el5_10", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

12 Jul 2017 00:00Current

6.4Medium risk

Vulners AI Score6.4

EPSS0.02664