---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-082
2005-01-28
---------------------------------------------------------------------
Product     : Fedora Core 3
Name        : openswan
Version     : 2.1.5
Release     : 2.FC3.1
Summary     : Openswan IPsec userland tools
Description :
Openswan is a free implementation of IPSEC & IKE for Linux.

IPsec is Internet Protocol Security and uses strong cryptography to
provide both authentication and encryption services.  These services
allow you to build secure tunnels through untrusted networks.
Everything passing through the untrusted net is encrypted by the ipsec
gateway machine and decrypted by the gateway at the other end of the
tunnel.  The resulting tunnel is a virtual private network or VPN.

This package contains the daemons and userland tools for setting up
Openswan on a kernel with the 2.6 native IPsec code.

---------------------------------------------------------------------
Update Information:
This erratum fixes a remotely exploitable stack-based buffer
overflow vulnerability in Xelerance Corp.'s Openswan, which could
allow attackers to execute arbitrary code.

The vulnerability specifically exists due to a lack of bounds checking
in the pluto application when Openswan is compiled with XAUTH and PAM
support.

The Common Vulnerabilities and Exposures project has assigned
the name CAN-2005-0162 to this problem.

---------------------------------------------------------------------
* Tue Dec 27 2005 Harald Hoyer  - 2.1.5-2.FC3.1

- fixed possible xauth/PAM buffer overflow. (bug 146287)


---------------------------------------------------------------------
This update can be downloaded from:
   
08083949eee57eb9b8417729fc160e57  SRPMS/openswan-2.1.5-2.FC3.1.src.rpm
6df7139465807a325eacbe065a35ef67  x86_64/openswan-2.1.5-2.FC3.1.x86_64.rpm
eab7fef76f737dd0ef5c4527656958c0  x86_64/debug/openswan-debuginfo-2.1.5-2.FC3.1.x86_64.rpm
9ee8446d2ba7f7dbca2c5213b30e9393  i386/openswan-2.1.5-2.FC3.1.i386.rpm
ef5fec6a769017a1e726c95129286b9c  i386/debug/openswan-debuginfo-2.1.5-2.FC3.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
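
An added example, not part of the Fedora notification: a Python check of downloaded packages against the MD5 list above, reporting each listed file as ok, mismatch or missing. The file names and contents in `demo()` are constructed; MD5 only catches corrupted or swapped downloads, and the package's GPG signature (`rpm -K`) remains the authenticity check.

```python
import hashlib
import os
import re
import tempfile

# One checksum line in the notification: 32 hex digits, whitespace, relative path.
MANIFEST_LINE = re.compile(r"^([0-9a-f]{32})\s+(\S+\.rpm)$")

def parse_manifest(text):
    """Return {package file name: md5 hex} for every checksum line in the text."""
    entries = {}
    for line in text.splitlines():
        m = MANIFEST_LINE.match(line.strip())
        if m:
            entries[os.path.basename(m.group(2))] = m.group(1)
    return entries

def md5_of(path, chunk=1 << 20):
    """Hash the file in chunks so a large RPM is never held in memory whole."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def verify(directory, manifest):
    """Classify each listed package as 'ok', 'mismatch' or 'missing'."""
    result = {}
    for name, expected in manifest.items():
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            result[name] = "missing"
        else:
            result[name] = "ok" if md5_of(path) == expected else "mismatch"
    return result

def demo():
    """Constructed sample: one intact file, one altered, one never downloaded."""
    listed = {"a-1.0.i386.rpm": b"constructed A", "b-1.0.i386.rpm": b"constructed B",
              "c-1.0.i386.rpm": b"constructed C"}
    text = "\n".join(f"{hashlib.md5(v).hexdigest()}  i386/{k}" for k, v in listed.items())
    on_disk = {"a-1.0.i386.rpm": listed["a-1.0.i386.rpm"], "b-1.0.i386.rpm": b"altered"}
    with tempfile.TemporaryDirectory() as d:
        for name, data in on_disk.items():
            with open(os.path.join(d, name), "wb") as f:
                f.write(data)
        return verify(d, parse_manifest(text))

if __name__ == "__main__":
    print(demo())
```
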
---------------------------------------------------------------------
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list
