{"cve": [{"lastseen": "2018-10-11T11:33:52", "bulletinFamily": "NVD", "description": "The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK Dead Peer Detection (DPD) IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD.", "modified": "2018-10-10T15:31:18", "published": "2009-04-01T06:30:00", "id": "CVE-2009-0790", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0790", "title": "CVE-2009-0790", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:29", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n==========================================================================\r\nOpenswan & Strongswan Security Notification March 30, 2009\r\nRemote DoS Vulnerability in Openswan & Strongswan IPsec\r\nCVE-2009-0790\r\n==========================================================================\r\nA vulnerability in the Dead Peer Detection (RFC-3706) code was found by\r\nGerd v. Egidy <gerd.von.egidy@intra2net.com> of Intra2net AG affecting\r\nall Openswan and all Strongswan releases.\r\n\r\nA malicious (or expired ISAKMP) R_U_THERE or R_U_THERE_ACK Dead Peer\r\nDetection packet can cause the pluto IKE daemon to crash and restart. No\r\nauthentication or encryption is required to trigger this bug. One spoofed\r\nUDP packet can cause the pluto IKE daemon to restart and be unresponsive\r\nfor a few seconds while restarting.\r\n\r\nA patch was created by Paul Wouters <paul@xelerance.com> for Openswan and\r\nStrongswan.\r\n\r\nThis bug affects the following software releases:\r\n\r\nCurrent branches:\r\n\r\nOpenswan-2.6.20 and earlier\r\nStrongswan-4.2.13 and earlier\r\n\r\nMaintenance mode branches:\r\n\r\nOpenswan-2.4.13 and earlier\r\nStrongswan-2.8.8 and earlier\r\n\r\nEnd of Life branches:\r\n\r\nSuperfreeswan-1.9x\r\nOpenswan-1.x\r\nOpenswan-2.0.x - 2.3.1\r\nOpenswan-2.5.x\r\n\r\nEveryone is strongly encouraged to upgrade to these minimum versions:\r\n\r\nopenswan-2.6.21\r\nstrongswan-4.2.14\r\n\r\nopenswan-2.4.14\r\nstrongswan-2.8.9\r\n\r\nIf you cannot upgrade to a new version, please apply the appropriate\r\npatch as listed at http://www.openswan.org/CVE-2009-0790/\r\n\r\nDead Peer Detection is an IPsec IKE Notification message. It uses\r\nan ICOOKIE/RCOOKIE mechanism to match an incoming packet to a know\r\nSecurity Association (ISAKMP). Unlike most Notification messages, DPD\r\nnotifications have no phase2 state association. Incorrect handling of\r\nthis exception can cause a NULL pointer dereference on a non-existing\r\nstate object 'st'. This bug is triggered in the case where one end has\r\nexpired an ISAKMP state, but the other end still uses the old state\r\nto send a DPD Notification.\r\n\r\nSince this state-lookup is performed before any encryption or\r\ndecryption takes place, as we need to find the proper ISAKMP to locate\r\nthe cryptogrpahic key material used for decryption, this bug can be\r\ntriggered without going through a phase1 (ISAKMP) negotiation.\r\n\r\nWhen such a packet is received, the pluto daemon crashes and restarts.\r\n\r\nLocations for downloading patches and source code:\r\nhttp://www.openswan.org/ http://www.strongswan.org/\r\nftp://ftp.openswan.org/openswan/ http://download1.strongswan.org/\r\nftp://ftp.openswan.fi/pub/openswan/ http://download2.strongswan.org/\r\n\r\nPaul Wouters <paul@xelerance.com>\r\nGPG key: 0xB5CC27E1\r\n==========================================================================\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niQEVAwUBSdDsnecYBqa1zCfhAQIgkQf9GGalx45xj5xmdXlSB/BZgRXhQW4fNWHp\r\nZLLt5c40hOSvcmNfgYoIEz/QKpZPjfldvJ+c/08bAyAEQiHmmKkK+cFTlH1LtpDg\r\n1f70lLrsziQ/eK1sQ9EYlFG4gbRfzjl1XZnnijAYvCAS1W12VSIU9gKN0YnHSCjH\r\nndiGTxtYPEYhzm7QzraYPB28BqBqvdQcMMwbfTThjYHMowzt6fMzFEteCTqJ5YAT\r\nWgNbbbxBz1gNGssoiN4bv0YxaT+701OfKCdgJKKXs61We3twEQ2XKCi6l5Xw/lJe\r\nmrbVHYgUGy/ef70sN03O/vN5o+2If1n0Pib6usdeEcVA0L9RQOIW5A==\r\n=NxrM\r\n-----END PGP SIGNATURE-----", "modified": "2009-04-01T00:00:00", "published": "2009-04-01T00:00:00", "id": "SECURITYVULNS:DOC:21568", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21568", "title": "CVE-2009-0790: ISAKMP DPD Remote Vulnerability with Openswan & Strongswan IPsec", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-26T08:56:25", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openswan\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65934", "id": "OPENVAS:65934", "title": "SLES10: Security update for openswan", "type": "openvas", "sourceData": "#\n#VID slesp2-openswan-6117\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for openswan\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openswan\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65934);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-0790\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES10: Security update for openswan\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.4~18.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:41", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n strongswan\n strongswan-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065758", "id": "OPENVAS:136141256231065758", "title": "SLES10: Security update for strongswan", "type": "openvas", "sourceData": "#\n#VID slesp2-strongswan-6116\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for strongswan\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n strongswan\n strongswan-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65758\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-0790\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES10: Security update for strongswan\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.1.10~0.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.1.10~0.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:18", "bulletinFamily": "scanner", "description": "The remote host is missing an update to strongswan\nannounced via advisory DSA 1759-1.", "modified": "2018-04-06T00:00:00", "published": "2009-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063731", "id": "OPENVAS:136141256231063731", "type": "openvas", "title": "Debian Security Advisory DSA 1759-1 (strongswan)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1759_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1759-1 (strongswan)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Gerd v. Egidy discovered that the Pluto IKE daemon in strongswan, an\nIPSec implementation for linux, is prone to a denial of service attack\nvia a malicious packet.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 4.2.4-5+lenny1.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.8.0+dfsg-1+etch1.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your strongswan packages.\";\ntag_summary = \"The remote host is missing an update to strongswan\nannounced via advisory DSA 1759-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201759-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63731\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-06 20:58:11 +0200 (Mon, 06 Apr 2009)\");\n script_cve_id(\"CVE-2009-0790\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 1759-1 (strongswan)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"strongswan\", ver:\"2.8.0+dfsg-1+etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"strongswan\", ver:\"4.2.4-5+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:43", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n strongswan\n strongswan-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065646", "id": "OPENVAS:136141256231065646", "title": "SLES11: Security update for strongswan", "type": "openvas", "sourceData": "#\n#VID ffe70bfa8e56c5826cb371dabddec302\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for strongswan\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n strongswan\n strongswan-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=487762\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.65646\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-0790\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES11: Security update for strongswan\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.8~1.22.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.8~1.22.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:57:07", "bulletinFamily": "scanner", "description": "The remote host is missing an update to strongswan\nannounced via advisory DSA 1759-1.", "modified": "2017-07-07T00:00:00", "published": "2009-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63731", "id": "OPENVAS:63731", "title": "Debian Security Advisory DSA 1759-1 (strongswan)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1759_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1759-1 (strongswan)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Gerd v. Egidy discovered that the Pluto IKE daemon in strongswan, an\nIPSec implementation for linux, is prone to a denial of service attack\nvia a malicious packet.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 4.2.4-5+lenny1.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.8.0+dfsg-1+etch1.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your strongswan packages.\";\ntag_summary = \"The remote host is missing an update to strongswan\nannounced via advisory DSA 1759-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201759-1\";\n\n\nif(description)\n{\n script_id(63731);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-06 20:58:11 +0200 (Mon, 06 Apr 2009)\");\n script_cve_id(\"CVE-2009-0790\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 1759-1 (strongswan)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"strongswan\", ver:\"2.8.0+dfsg-1+etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"strongswan\", ver:\"4.2.4-5+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:24", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openswan\n openswan-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065642", "id": "OPENVAS:136141256231065642", "title": "SLES11: Security update for openswan", "type": "openvas", "sourceData": "#\n#VID 1eeddb594241891837f28e6a7ee5c80a\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for openswan\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openswan\n openswan-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=487762\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.65642\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-0790\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES11: Security update for openswan\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.6.16~1.32.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.6.16~1.32.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:56:01", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n strongswan\n strongswan-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65646", "id": "OPENVAS:65646", "title": "SLES11: Security update for strongswan", "type": "openvas", "sourceData": "#\n#VID ffe70bfa8e56c5826cb371dabddec302\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for strongswan\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n strongswan\n strongswan-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=487762\");\n script_id(65646);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-0790\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES11: Security update for strongswan\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.8~1.22.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.8~1.22.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:41", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n strongswan\n strongswan-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65758", "id": "OPENVAS:65758", "title": "SLES10: Security update for strongswan", "type": "openvas", "sourceData": "#\n#VID slesp2-strongswan-6116\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for strongswan\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n strongswan\n strongswan-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65758);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-0790\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES10: Security update for strongswan\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.1.10~0.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.1.10~0.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:36", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openswan\n openswan-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65642", "id": "OPENVAS:65642", "title": "SLES11: Security update for openswan", "type": "openvas", "sourceData": "#\n#VID 1eeddb594241891837f28e6a7ee5c80a\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for openswan\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openswan\n openswan-doc\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=487762\");\n script_id(65642);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-0790\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES11: Security update for openswan\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.6.16~1.32.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.6.16~1.32.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:51", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openswan\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065934", "id": "OPENVAS:136141256231065934", "title": "SLES10: Security update for openswan", "type": "openvas", "sourceData": "#\n#VID slesp2-openswan-6117\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for openswan\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openswan\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65934\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-0790\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES10: Security update for openswan\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.4~18.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-01-16T20:08:57", "bulletinFamily": "scanner", "description": "Gerd v. Egidy discovered that the Pluto IKE daemon in strongswan, an\nIPSec implementation for linux, is prone to a denial of service attack\nvia a malicious packet.", "modified": "2018-11-10T00:00:00", "published": "2009-03-31T00:00:00", "id": "DEBIAN_DSA-1759.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=36052", "title": "Debian DSA-1759-1 : strongswan - denial of service", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1759. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36052);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2009-0790\");\n script_bugtraq_id(34296);\n script_xref(name:\"DSA\", value:\"1759\");\n\n script_name(english:\"Debian DSA-1759-1 : strongswan - denial of service\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Gerd v. Egidy discovered that the Pluto IKE daemon in strongswan, an\nIPSec implementation for linux, is prone to a denial of service attack\nvia a malicious packet.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1759\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the strongswan packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.8.0+dfsg-1+etch1.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 4.2.4-5+lenny1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:strongswan\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"strongswan\", reference:\"2.8.0+dfsg-1+etch1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"strongswan\", reference:\"4.2.4-5+lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:09:55", "bulletinFamily": "scanner", "description": "By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon. (CVE-2009-0790)", "modified": "2012-05-17T00:00:00", "published": "2009-09-24T00:00:00", "id": "SUSE_OPENSWAN-6117.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41574", "title": "SuSE 10 Security Update : openswan (ZYPP Patch Number 6117)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41574);\n script_version (\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2012/05/17 11:20:15 $\");\n\n script_cve_id(\"CVE-2009-0790\");\n\n script_name(english:\"SuSE 10 Security Update : openswan (ZYPP Patch Number 6117)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon. (CVE-2009-0790)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0790.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6117.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"openswan-2.4.4-18.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"openswan-2.4.4-18.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:09:35", "bulletinFamily": "scanner", "description": "By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon (CVE-2009-0790).", "modified": "2014-06-13T00:00:00", "published": "2009-07-21T00:00:00", "id": "SUSE_11_1_OPENSWAN-090324.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40287", "title": "openSUSE Security Update : openswan (openswan-687)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openswan-687.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40287);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/06/13 19:55:05 $\");\n\n script_cve_id(\"CVE-2009-0790\");\n\n script_name(english:\"openSUSE Security Update : openswan (openswan-687)\");\n script_summary(english:\"Check for the openswan-687 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon (CVE-2009-0790).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487762\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openswan package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openswan\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"openswan-2.6.16-1.47.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openswan\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:09:52", "bulletinFamily": "scanner", "description": "By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon. (CVE-2009-0790)", "modified": "2013-10-25T00:00:00", "published": "2009-09-24T00:00:00", "id": "SUSE_11_STRONGSWAN-090324.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41454", "title": "SuSE 11 Security Update : strongswan (SAT Patch Number 677)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41454);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:56:04 $\");\n\n script_cve_id(\"CVE-2009-0790\");\n\n script_name(english:\"SuSE 11 Security Update : strongswan (SAT Patch Number 677)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon. (CVE-2009-0790)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487762\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0790.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 677.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:strongswan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:strongswan-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"strongswan-4.2.8-1.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"strongswan-doc-4.2.8-1.22.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:08:58", "bulletinFamily": "scanner", "description": "By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon (CVE-2009-0790).", "modified": "2014-06-13T00:00:00", "published": "2009-04-08T00:00:00", "id": "SUSE_OPENSWAN-6119.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=36116", "title": "openSUSE 10 Security Update : openswan (openswan-6119)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openswan-6119.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36116);\n script_version (\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:31:04 $\");\n\n script_cve_id(\"CVE-2009-0790\");\n\n script_name(english:\"openSUSE 10 Security Update : openswan (openswan-6119)\");\n script_summary(english:\"Check for the openswan-6119 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon (CVE-2009-0790).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openswan package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openswan\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"openswan-2.4.7-64.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openswan\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:09:35", "bulletinFamily": "scanner", "description": "By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon (CVE-2009-0790).", "modified": "2014-06-13T00:00:00", "published": "2009-07-21T00:00:00", "id": "SUSE_11_1_STRONGSWAN-090324.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40311", "title": "openSUSE Security Update : strongswan (strongswan-676)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update strongswan-676.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40311);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/06/13 19:55:05 $\");\n\n script_cve_id(\"CVE-2009-0790\");\n\n script_name(english:\"openSUSE Security Update : strongswan (strongswan-676)\");\n script_summary(english:\"Check for the strongswan-676 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon (CVE-2009-0790).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487762\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected strongswan package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:strongswan\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"strongswan-4.2.8-1.24.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"strongswan\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:09:52", "bulletinFamily": "scanner", "description": "By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon. (CVE-2009-0790)", "modified": "2013-10-25T00:00:00", "published": "2009-09-24T00:00:00", "id": "SUSE_11_OPENSWAN-090324.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41444", "title": "SuSE 11 Security Update : openswan (SAT Patch Number 678)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41444);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:52:02 $\");\n\n script_cve_id(\"CVE-2009-0790\");\n\n script_name(english:\"SuSE 11 Security Update : openswan (SAT Patch Number 678)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon. (CVE-2009-0790)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487762\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0790.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 678.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openswan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openswan-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"openswan-2.6.16-1.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"openswan-doc-2.6.16-1.32.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:09:55", "bulletinFamily": "scanner", "description": "By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon. (CVE-2009-0790)", "modified": "2012-05-17T00:00:00", "published": "2009-09-24T00:00:00", "id": "SUSE_STRONGSWAN-6116.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41586", "title": "SuSE 10 Security Update : strongswan (ZYPP Patch Number 6116)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41586);\n script_version (\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2012/05/17 11:27:18 $\");\n\n script_cve_id(\"CVE-2009-0790\");\n\n script_name(english:\"SuSE 10 Security Update : strongswan (ZYPP Patch Number 6116)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon. (CVE-2009-0790)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0790.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6116.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"strongswan-4.1.10-0.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"strongswan-doc-4.1.10-0.7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:09:31", "bulletinFamily": "scanner", "description": "By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon (CVE-2009-0790).", "modified": "2014-06-13T00:00:00", "published": "2009-07-21T00:00:00", "id": "SUSE_11_0_OPENSWAN-090324.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40086", "title": "openSUSE Security Update : openswan (openswan-687)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openswan-687.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40086);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/06/13 19:44:03 $\");\n\n script_cve_id(\"CVE-2009-0790\");\n\n script_name(english:\"openSUSE Security Update : openswan (openswan-687)\");\n script_summary(english:\"Check for the openswan-687 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon (CVE-2009-0790).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487762\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openswan package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openswan\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"openswan-2.4.7-130.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openswan\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:09:32", "bulletinFamily": "scanner", "description": "By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon (CVE-2009-0790).", "modified": "2014-06-13T00:00:00", "published": "2009-07-21T00:00:00", "id": "SUSE_11_0_STRONGSWAN-090324.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40136", "title": "openSUSE Security Update : strongswan (strongswan-676)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update strongswan-676.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40136);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/06/13 19:44:04 $\");\n\n script_cve_id(\"CVE-2009-0790\");\n\n script_name(english:\"openSUSE Security Update : strongswan (strongswan-676)\");\n script_summary(english:\"Check for the strongswan-676 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"By sending a specially crafted Dead Peer Detection (DPD) packet remote\nattackers could crash the pluto IKE daemon (CVE-2009-0790).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487762\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected strongswan package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:strongswan\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"strongswan-4.2.1-11.6\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"strongswan\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:13:13", "bulletinFamily": "unix", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1759-1 security@debian.org\nhttp://www.debian.org/security/ Steffen Joeris\nMarch 30, 2009 \thttp://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : strongswan\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE Id : CVE-2009-0790\n\n\nGerd v. Egidy discovered that the Pluto IKE daemon in strongswan, an\nIPSec implementation for linux, is prone to a denial of service attack\nvia a malicious packet.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 4.2.4-5+lenny1.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.8.0+dfsg-1+etch1.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your strongswan packages.\n\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1.dsc\n Size/MD5 checksum: 811 15760a0423c8cf0829c0f71d5424ab27\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg.orig.tar.gz\n Size/MD5 checksum: 3155518 8b9ac905b9bcd41fb826e3d67e90a33d\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1.diff.gz\n Size/MD5 checksum: 57545 276bae2bae3230bcef527b44f3b9fb99\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_alpha.deb\n Size/MD5 checksum: 1197696 7fc7c6438f1c2739373c193784934461\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_amd64.deb\n Size/MD5 checksum: 1100438 4004ce8cfc2b2de41712a4d73a520de2\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_arm.deb\n Size/MD5 checksum: 1070794 dc1e10007ea82d547591052d032e0216\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_hppa.deb\n Size/MD5 checksum: 1136062 9f5996ea05d930e0a7a361336263be58\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_i386.deb\n Size/MD5 checksum: 1051780 25b41b38e8698a6f61b3f4f523ca52c7\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_ia64.deb\n Size/MD5 checksum: 1454480 19818a3ec7756710ea1abfdbd9ebadcc\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_mips.deb\n Size/MD5 checksum: 1124636 be7189aac59d98fbec7a9bf9a5f7b74d\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_mipsel.deb\n Size/MD5 checksum: 1130402 25bdc2ca2651db73a88f079902a35f43\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_powerpc.deb\n Size/MD5 checksum: 1097994 e1eb29c9c4dd776259178308a6b40a04\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_s390.deb\n Size/MD5 checksum: 1084268 90b6459bb59a264eaf1aa2b26ed82acd\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_sparc.deb\n Size/MD5 checksum: 1024106 9ad2a093d9efad364a0eb80a0f20057f\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1.dsc\n Size/MD5 checksum: 1310 c6dc3521aee080f275ea0f65ded35bca\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1.diff.gz\n Size/MD5 checksum: 57299 b6d1af4a7144d5289400f35dcd18eb5e\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4.orig.tar.gz\n Size/MD5 checksum: 3295212 92ddfaedd6698bc6640927def271d476\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_alpha.deb\n Size/MD5 checksum: 1301122 7c83dcbdcdb177e9bc83361d4c064f6d\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_amd64.deb\n Size/MD5 checksum: 1178112 875f877f564c88b885ebf68be2478f0c\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_arm.deb\n Size/MD5 checksum: 1034248 3c20d44508cc5255c3e6ad74cf9cac9c\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_armel.deb\n Size/MD5 checksum: 1034868 457ca8749ced0c177c5825ca953423e7\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_hppa.deb\n Size/MD5 checksum: 1214270 353bde7aacb7e5a875ba8d715da70caa\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_i386.deb\n Size/MD5 checksum: 1099806 02a117d38e15ecf3e0b2667985b7710e\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_ia64.deb\n Size/MD5 checksum: 1615308 d0f1ed5581a772eecf3801a45d57ab95\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_mips.deb\n Size/MD5 checksum: 1158540 656a66202077e4f55d24433af6ab3ce5\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_mipsel.deb\n Size/MD5 checksum: 1157848 614cad1bdd081160a3fe74e3d1e4e902\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_powerpc.deb\n Size/MD5 checksum: 1228470 6dbb9fa6379444c2f0cebba7fc417027\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_s390.deb\n Size/MD5 checksum: 1258802 d92712a84cbb2d2c181546927d4f9f36\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_sparc.deb\n Size/MD5 checksum: 1142494 cd69f7750be1e6cc0e83003e74480bde\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "modified": "2009-03-30T23:49:47", "published": "2009-03-30T23:49:47", "id": "DEBIAN:DSA-1759-1:76DD3", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00069.html", "title": "[SECURITY] [DSA 1759-1] New strongswan packages fix denial of service", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-16T22:13:10", "bulletinFamily": "unix", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1760-1 security@debian.org\nhttp://www.debian.org/security/ Steffen Joeris\nMarch 30, 2009 \thttp://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : openswan\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE Id : CVE-2008-4190 CVE-2009-0790\nDebian Bug : 496374\n\n\nTwo vulnerabilities have been discovered in openswan, an IPSec\nimplementation for linux. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\n\nCVE-2008-4190\n\nDmitry E. Oboukhov discovered that the livetest tool is using temporary\nfiles insecurely, which could lead to a denial of service attack.\n\n\nCVE-2009-0790\n\nGerd v. Egidy discovered that the Pluto IKE daemon in openswan is prone\nto a denial of service attack via a malicious packet.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 2.4.12+dfsg-1.3+lenny1.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.4.6+dfsg.2-1.1+etch1.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your openswan packages.\n\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1.diff.gz\n Size/MD5 checksum: 92351 d43193ea57c9ba646aa9a2ae479c65dd\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2.orig.tar.gz\n Size/MD5 checksum: 3555236 e5ef22979f8a67038f445746fdc7ff38\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1.dsc\n Size/MD5 checksum: 887 0bb9a0b8fda2229aed2ea1e7755259db\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/o/openswan/linux-patch-openswan_2.4.6+dfsg.2-1.1+etch1_all.deb\n Size/MD5 checksum: 598920 7f24c626025d0725409fc5f282834859\n http://security.debian.org/pool/updates/main/o/openswan/openswan-modules-source_2.4.6+dfsg.2-1.1+etch1_all.deb\n Size/MD5 checksum: 525862 69a5d63858abbde46369f1178715bb23\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_alpha.deb\n Size/MD5 checksum: 1742492 a6a7ab937c9a172c74e19bf85ed5af15\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_amd64.deb\n Size/MD5 checksum: 1744812 6c1cd62d31174fce3dae9b8393594c73\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_arm.deb\n Size/MD5 checksum: 1719132 30678772efa350b67ba19b7eb5ebc4c2\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_hppa.deb\n Size/MD5 checksum: 1758480 cc2108239ed20143d7dc8ead6c6cb6c0\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_i386.deb\n Size/MD5 checksum: 1712448 07a390d204baaf83a5fb4cb6745a786a\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_ia64.deb\n Size/MD5 checksum: 1930720 1c95baf380d131f78767af55841566ab\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_mips.deb\n Size/MD5 checksum: 1692214 90f1710f68414a17fb4d29168746bbed\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_mipsel.deb\n Size/MD5 checksum: 1697294 ce452a37b284bd1c49925482c4be6554\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_powerpc.deb\n Size/MD5 checksum: 1667818 786f2533b336ced17cb15b988586c224\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_s390.deb\n Size/MD5 checksum: 1671506 d8981c0fd7db865ae7a2172b7d6a4ffa\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch1_sparc.deb\n Size/MD5 checksum: 1622248 f6cd4abafd3ddfdcc50ad4a346bde5cf\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1.dsc\n Size/MD5 checksum: 1315 df7cd3ea125815e36b74b98857b3d5be\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg.orig.tar.gz\n Size/MD5 checksum: 3765276 f753413e9c705dee9a23ab8db6c26ee4\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1.diff.gz\n Size/MD5 checksum: 127288 eaed626706af274b44a51210f8eb9d13\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan-modules-source_2.4.12+dfsg-1.3+lenny1_all.deb\n Size/MD5 checksum: 544388 a26397193d910b2b469fba692760e4a2\n http://security.debian.org/pool/updates/main/o/openswan/linux-patch-openswan_2.4.12+dfsg-1.3+lenny1_all.deb\n Size/MD5 checksum: 609908 dbbd73cc5402dc1b3e1ae205546f4d9f\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_alpha.deb\n Size/MD5 checksum: 1754216 1b179d83df0d9efa17f6987e9c9501d8\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_amd64.deb\n Size/MD5 checksum: 1772492 f330caae76805540227bf51974dbd6c6\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_arm.deb\n Size/MD5 checksum: 1756426 ca71fca809dd7268ae73365bfe13fd12\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_armel.deb\n Size/MD5 checksum: 1736800 0d22e152defbd8f1c71831ac407ae34a\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_hppa.deb\n Size/MD5 checksum: 1775916 a9fc238495fe9c5c7f770d08e677639b\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_i386.deb\n Size/MD5 checksum: 1730858 3187b4ea1c4b4827e2016abb8ff44eae\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_ia64.deb\n Size/MD5 checksum: 1964194 6fbf238ebc2e1294349985fb42ccab28\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_mips.deb\n Size/MD5 checksum: 1703004 61a50f377061161973b841833752aafb\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_mipsel.deb\n Size/MD5 checksum: 1709240 a0f724d83f9435684af2aec5a2386545\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_powerpc.deb\n Size/MD5 checksum: 1710422 41aab00fccc6b17ae3d6a9a4aaccd729\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_s390.deb\n Size/MD5 checksum: 1694918 31692764017d63e6a86f595ed9366e15\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny1_sparc.deb\n Size/MD5 checksum: 1649130 681f2aa23b6d79c5ecf0e2dec3ffbd7f\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "modified": "2009-03-30T23:50:09", "published": "2009-03-30T23:50:09", "id": "DEBIAN:DSA-1760-1:978F6", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00070.html", "title": "[SECURITY] [DSA 1760-1] New openswan packages fix denial of service", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "seebug": [{"lastseen": "2017-11-19T18:55:03", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 34296\r\nCVE(CAN) ID: CVE-2009-0790\r\n\r\nOpenswan\u548cstrongSwan\u90fd\u662fLinux\u7cfb\u7edf\u4e0b\u7684IPSEC\u5b9e\u73b0\u3002\r\n\r\n\u6b7b\u4ea1\u5bf9\u7b49\u4f53\u68c0\u6d4b\uff08DPD\uff09\u662fIPsec IKE\u901a\u77e5\u6d88\u606f\uff0c\u4f7f\u7528ICOOKIE/RCOOKIE\u673a\u5236\u5c06\u5165\u7ad9\u62a5\u6587\u5339\u914d\u5230\u5df2\u77e5\u7684\u5b89\u5168\u5173\u8054\uff08ISAKMP\uff09\u3002\u5728\u4e00\u4e2a\u7aef\u70b9\u7684ISAKMP\u72b6\u6001\u5df2\u8fc7\u671f\u4f46\u53e6\u4e00\u4e2a\u7aef\u70b9\u4ecd\u5728\u4f7f\u7528\u65e7\u72b6\u6001\u53d1\u9001DPD\u901a\u77e5\u7684\u60c5\u51b5\u4e0b\uff0c\u5982\u679c\u8fdc\u7a0b\u653b\u51fb\u8005\u5411Openswan\u548cstrongSwan\u53d1\u9001\u4e86\u6076\u610f\u7684R_U_THERE\u6216 R_U_THERE_ACK\u901a\u77e5\u62a5\u6587\u7684\u8bdd\uff0c\u5c31\u4f1a\u5728\u4e0d\u5b58\u5728\u7684\u72b6\u6001\u5bf9\u8c61st\u4e0a\u89e6\u53d1\u7a7a\u6307\u9488\u5f15\u7528\uff0c\u5bfc\u81f4pluto IKE\u5b88\u62a4\u7a0b\u5e8f\u5d29\u6e83\u5e76\u91cd\u542f\u3002\r\n\r\n\u7531\u4e8e\u8fd9\u79cd\u72b6\u6001\u67e5\u8be2\u662f\u5728\u52a0\u5bc6\u6216\u89e3\u5bc6\u4e4b\u524d\u6267\u884c\u7684\uff0c\u56e0\u6b64\u53ef\u65e0\u9700\u7ecf\u8fc7phase1\uff08ISAKMP\uff09\u534f\u5546\u4fbf\u89e6\u53d1\u8fd9\u4e2a\u6f0f\u6d1e\u3002\n\nOpenswan Openswan < 2.6.21\r\nstrongSwan strongSwan < 4.2.14\n \u5382\u5546\u8865\u4e01\uff1a\r\n\r\nDebian\r\n------\r\nDebian\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08DSA-1759-1\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nDSA-1759-1\uff1aNew strongswan packages fix denial of service\r\n\u94fe\u63a5\uff1a<a href=http://www.debian.org/security/2009/dsa-1759 target=_blank rel=external nofollow>http://www.debian.org/security/2009/dsa-1759</a>\r\n\r\n\u8865\u4e01\u4e0b\u8f7d\uff1a\r\n\r\nSource archives:\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1.dsc target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1.dsc</a>\r\nSize/MD5 checksum: 811 15760a0423c8cf0829c0f71d5424ab27\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg.orig.tar.gz target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg.orig.tar.gz</a>\r\nSize/MD5 checksum: 3155518 8b9ac905b9bcd41fb826e3d67e90a33d\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1.diff.gz target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1.diff.gz</a>\r\nSize/MD5 checksum: 57545 276bae2bae3230bcef527b44f3b9fb99\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_alpha.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_alpha.deb</a>\r\nSize/MD5 checksum: 1197696 7fc7c6438f1c2739373c193784934461\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_amd64.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_amd64.deb</a>\r\nSize/MD5 checksum: 1100438 4004ce8cfc2b2de41712a4d73a520de2\r\n\r\narm architecture (ARM)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_arm.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_arm.deb</a>\r\nSize/MD5 checksum: 1070794 dc1e10007ea82d547591052d032e0216\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_hppa.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_hppa.deb</a>\r\nSize/MD5 checksum: 1136062 9f5996ea05d930e0a7a361336263be58\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_i386.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_i386.deb</a>\r\nSize/MD5 checksum: 1051780 25b41b38e8698a6f61b3f4f523ca52c7\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_ia64.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_ia64.deb</a>\r\nSize/MD5 checksum: 1454480 19818a3ec7756710ea1abfdbd9ebadcc\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_mips.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_mips.deb</a>\r\nSize/MD5 checksum: 1124636 be7189aac59d98fbec7a9bf9a5f7b74d\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_mipsel.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_mipsel.deb</a>\r\nSize/MD5 checksum: 1130402 25bdc2ca2651db73a88f079902a35f43\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_powerpc.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_powerpc.deb</a>\r\nSize/MD5 checksum: 1097994 e1eb29c9c4dd776259178308a6b40a04\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_s390.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_s390.deb</a>\r\nSize/MD5 checksum: 1084268 90b6459bb59a264eaf1aa2b26ed82acd\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_sparc.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_sparc.deb</a>\r\nSize/MD5 checksum: 1024106 9ad2a093d9efad364a0eb80a0f20057f\r\n\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nDebian (stable)\r\n- ---------------\r\n\r\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1.dsc target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1.dsc</a>\r\nSize/MD5 checksum: 1310 c6dc3521aee080f275ea0f65ded35bca\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1.diff.gz target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1.diff.gz</a>\r\nSize/MD5 checksum: 57299 b6d1af4a7144d5289400f35dcd18eb5e\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4.orig.tar.gz target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4.orig.tar.gz</a>\r\nSize/MD5 checksum: 3295212 92ddfaedd6698bc6640927def271d476\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_alpha.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_alpha.deb</a>\r\nSize/MD5 checksum: 1301122 7c83dcbdcdb177e9bc83361d4c064f6d\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_amd64.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_amd64.deb</a>\r\nSize/MD5 checksum: 1178112 875f877f564c88b885ebf68be2478f0c\r\n\r\narm architecture (ARM)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_arm.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_arm.deb</a>\r\nSize/MD5 checksum: 1034248 3c20d44508cc5255c3e6ad74cf9cac9c\r\n\r\narmel architecture (ARM EABI)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_armel.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_armel.deb</a>\r\nSize/MD5 checksum: 1034868 457ca8749ced0c177c5825ca953423e7\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_hppa.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_hppa.deb</a>\r\nSize/MD5 checksum: 1214270 353bde7aacb7e5a875ba8d715da70caa\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_i386.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_i386.deb</a>\r\nSize/MD5 checksum: 1099806 02a117d38e15ecf3e0b2667985b7710e\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_ia64.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_ia64.deb</a>\r\nSize/MD5 checksum: 1615308 d0f1ed5581a772eecf3801a45d57ab95\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_mips.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_mips.deb</a>\r\nSize/MD5 checksum: 1158540 656a66202077e4f55d24433af6ab3ce5\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_mipsel.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_mipsel.deb</a>\r\nSize/MD5 checksum: 1157848 614cad1bdd081160a3fe74e3d1e4e902\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_powerpc.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_powerpc.deb</a>\r\nSize/MD5 checksum: 1228470 6dbb9fa6379444c2f0cebba7fc417027\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_s390.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_s390.deb</a>\r\nSize/MD5 checksum: 1258802 d92712a84cbb2d2c181546927d4f9f36\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n<a href=http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_sparc.deb target=_blank rel=external nofollow>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_sparc.deb</a>\r\nSize/MD5 checksum: 1142494 cd69f7750be1e6cc0e83003e74480bde\r\n\r\n\u8865\u4e01\u5b89\u88c5\u65b9\u6cd5\uff1a\r\n\r\n1. \u624b\u5de5\u5b89\u88c5\u8865\u4e01\u5305\uff1a\r\n\r\n \u9996\u5148\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u6765\u4e0b\u8f7d\u8865\u4e01\u8f6f\u4ef6\uff1a\r\n # wget url (url\u662f\u8865\u4e01\u4e0b\u8f7d\u94fe\u63a5\u5730\u5740)\r\n\r\n \u7136\u540e\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u6765\u5b89\u88c5\u8865\u4e01\uff1a \r\n # dpkg -i file.deb (file\u662f\u76f8\u5e94\u7684\u8865\u4e01\u540d)\r\n\r\n2. \u4f7f\u7528apt-get\u81ea\u52a8\u5b89\u88c5\u8865\u4e01\u5305\uff1a\r\n\r\n \u9996\u5148\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u66f4\u65b0\u5185\u90e8\u6570\u636e\u5e93\uff1a\r\n # apt-get update\r\n \r\n \u7136\u540e\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u5b89\u88c5\u66f4\u65b0\u8f6f\u4ef6\u5305\uff1a\r\n # apt-get upgrade\r\n\r\nRedHat\r\n------\r\nRedHat\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08RHSA-2009:0402-01\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nRHSA-2009:0402-01\uff1aImportant: openswan security update\r\n\u94fe\u63a5\uff1a<a href=https://www.redhat.com/support/errata/RHSA-2009-0402.html target=_blank rel=external nofollow>https://www.redhat.com/support/errata/RHSA-2009-0402.html</a>\r\n\r\nOpenswan\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=http://www.openswan.org/CVE-2009-0790/ target=_blank rel=external nofollow>http://www.openswan.org/CVE-2009-0790/</a>", "modified": "2009-04-01T00:00:00", "published": "2009-04-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-4971", "id": "SSV:4971", "title": "Openswan\u548cstrongSwan DPD\u62a5\u6587\u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": ""}], "oraclelinux": [{"lastseen": "2018-08-31T01:38:25", "bulletinFamily": "unix", "description": "[2.6.14-1.2]\n- security update (CVE-2009-0790, CVE-2008-4190)\nResolves: CVE-2009-0790, CVE-2008-4190 ", "modified": "2009-03-30T00:00:00", "published": "2009-03-30T00:00:00", "id": "ELSA-2009-0402", "href": "http://linux.oracle.com/errata/ELSA-2009-0402.html", "title": "openswan security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-03T18:25:58", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2009:0402\n\n\nOpenswan is a free implementation of Internet Protocol Security (IPsec)\nand Internet Key Exchange (IKE). IPsec uses strong cryptography to provide\nboth authentication and encryption services. These services allow you to\nbuild secure tunnels through untrusted networks. Everything passing through\nthe untrusted network is encrypted by the IPsec gateway machine, and\ndecrypted by the gateway at the other end of the tunnel. The resulting\ntunnel is a virtual private network (VPN).\n\nGerd v. Egidy discovered a flaw in the Dead Peer Detection (DPD) in\nOpenswan's pluto IKE daemon. A remote attacker could use a malicious DPD\npacket to crash the pluto daemon. (CVE-2009-0790)\n\nIt was discovered that Openswan's livetest script created temporary files\nin an insecure manner. A local attacker could use this flaw to overwrite\narbitrary files owned by the user running the script. (CVE-2008-4190)\n\nNote: The livetest script is an incomplete feature and was not\nautomatically executed by any other script distributed with Openswan, or\nintended to be used at all, as was documented in its man page. In these\nupdated packages, the script only prints an informative message and exits\nimmediately when run.\n\nAll users of openswan are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After installing\nthis update, the ipsec service will be restarted automatically.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/015746.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/015747.html\n\n**Affected packages:**\nopenswan\nopenswan-doc\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-0402.html", "modified": "2009-04-09T11:33:25", "published": "2009-04-09T11:33:25", "href": "http://lists.centos.org/pipermail/centos-announce/2009-April/015746.html", "id": "CESA-2009:0402", "title": "openswan security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T17:45:47", "bulletinFamily": "unix", "description": "Openswan is a free implementation of Internet Protocol Security (IPsec)\nand Internet Key Exchange (IKE). IPsec uses strong cryptography to provide\nboth authentication and encryption services. These services allow you to\nbuild secure tunnels through untrusted networks. Everything passing through\nthe untrusted network is encrypted by the IPsec gateway machine, and\ndecrypted by the gateway at the other end of the tunnel. The resulting\ntunnel is a virtual private network (VPN).\n\nGerd v. Egidy discovered a flaw in the Dead Peer Detection (DPD) in\nOpenswan's pluto IKE daemon. A remote attacker could use a malicious DPD\npacket to crash the pluto daemon. (CVE-2009-0790)\n\nIt was discovered that Openswan's livetest script created temporary files\nin an insecure manner. A local attacker could use this flaw to overwrite\narbitrary files owned by the user running the script. (CVE-2008-4190)\n\nNote: The livetest script is an incomplete feature and was not\nautomatically executed by any other script distributed with Openswan, or\nintended to be used at all, as was documented in its man page. In these\nupdated packages, the script only prints an informative message and exits\nimmediately when run.\n\nAll users of openswan are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After installing\nthis update, the ipsec service will be restarted automatically.", "modified": "2017-09-08T11:51:10", "published": "2009-03-30T04:00:00", "id": "RHSA-2009:0402", "href": "https://access.redhat.com/errata/RHSA-2009:0402", "type": "redhat", "title": "(RHSA-2009:0402) Important: openswan security update", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:43", "bulletinFamily": "unix", "description": "### Background\n\nOpenswan is an implementation of IPsec for Linux. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Openswan: \n\n * Gerd v. Egidy reported a NULL pointer dereference in the Dead Peer Detection of the pluto IKE daemon as included in Openswan (CVE-2009-0790).\n * The Orange Labs vulnerability research team discovered multiple vulnerabilities in the ASN.1 parser (CVE-2009-2185).\n\n### Impact\n\nA remote attacker could exploit these vulnerabilities by sending specially crafted R_U_THERE or R_U_THERE_ACK packets, or a specially crafted X.509 certificate containing a malicious Relative Distinguished Name (RDN), UTCTIME string or GENERALIZEDTIME string to cause a Denial of Service of the pluto IKE daemon. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Openswan users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/openswan-2.4.15\"", "modified": "2009-09-09T00:00:00", "published": "2009-09-09T00:00:00", "id": "GLSA-200909-05", "href": "https://security.gentoo.org/glsa/200909-05", "type": "gentoo", "title": "Openswan: Denial of Service", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}
