5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.026 Low
EPSS
Percentile
88.8%
Openswan is a free implementation of Internet Protocol Security (IPsec) and
Internet Key Exchange (IKE). IPsec uses strong cryptography to provide both
authentication and encryption services. These services allow you to build
secure tunnels through untrusted networks.
A NULL pointer dereference flaw was discovered in the way Openswanβs IKE
daemon processed IKEv2 payloads. A remote attacker could send specially
crafted IKEv2 payloads that, when processed, would lead to a denial of
service (daemon crash), possibly causing existing VPN connections to be
dropped. (CVE-2013-6466)
All openswan users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | ppc64 | openswan | <Β 2.6.32-27.2.el6_5 | openswan-2.6.32-27.2.el6_5.ppc64.rpm |
RedHat | 6 | x86_64 | openswan-debuginfo | <Β 2.6.32-27.2.el6_5 | openswan-debuginfo-2.6.32-27.2.el6_5.x86_64.rpm |
RedHat | 5 | ia64 | openswan | <Β 2.6.32-7.3.el5_10 | openswan-2.6.32-7.3.el5_10.ia64.rpm |
RedHat | 5 | s390x | openswan-doc | <Β 2.6.32-7.3.el5_10 | openswan-doc-2.6.32-7.3.el5_10.s390x.rpm |
RedHat | 5 | ia64 | openswan-doc | <Β 2.6.32-7.3.el5_10 | openswan-doc-2.6.32-7.3.el5_10.ia64.rpm |
RedHat | 5 | ppc | openswan-debuginfo | <Β 2.6.32-7.3.el5_10 | openswan-debuginfo-2.6.32-7.3.el5_10.ppc.rpm |
RedHat | 5 | x86_64 | openswan-debuginfo | <Β 2.6.32-7.3.el5_10 | openswan-debuginfo-2.6.32-7.3.el5_10.x86_64.rpm |
RedHat | 6 | ppc64 | openswan-debuginfo | <Β 2.6.32-27.2.el6_5 | openswan-debuginfo-2.6.32-27.2.el6_5.ppc64.rpm |
RedHat | 6 | i686 | openswan-doc | <Β 2.6.32-27.2.el6_5 | openswan-doc-2.6.32-27.2.el6_5.i686.rpm |
RedHat | 6 | s390x | openswan | <Β 2.6.32-27.2.el6_5 | openswan-2.6.32-27.2.el6_5.s390x.rpm |