Debian Linux Security Advisory 2893-1 - Two vulnerabilities were fixed in Openswan, an IKE/IPsec implementation for Linux.
46c874585db91e02896fab1d9cb81e40f1fbae61ac26f26ca4c2726e58ceecae
Gentoo Linux Security Advisory 201401-9 - A vulnerability in Openswan could result in execution of arbitrary code or Denial of Service. Versions less than 2.6.39 are affected.
d4e96cbeeefc87ca2407e521e745e88d0d04544a5e816c3a7aa0cb2c4f406904
Mandriva Linux Security Advisory 2013-231 - Multiple vulnerabilities has been discovered and corrected in openswan. The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the in many distributions and the upstream version, this tool has been disabled. The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted R_U_THERE_ACK Dead Peer Detection IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD. Various other issues have also been addressed.
fb07f53fcbc6401898ba4775ff34c35ba6bd0724b1aaf7b8955e48769191fdc6
Red Hat Security Advisory 2013-0827-01 - Openswan is a free implementation of Internet Protocol Security and Internet Key Exchange. IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. When using Opportunistic Encryption, Openswan's pluto IKE daemon requests DNS TXT records to obtain public RSA keys of itself and its peers. A buffer overflow flaw was found in Openswan. If Opportunistic Encryption were enabled and an RSA key configured, an attacker able to cause a system to perform a DNS lookup for an attacker-controlled domain containing malicious records could cause Openswan's pluto IKE daemon to crash or, potentially, execute arbitrary code with root privileges. With "oe=yes" but no RSA key configured, the issue can only be triggered by attackers on the local network who can control the reverse DNS entry of the target system. Opportunistic Encryption is disabled by default.
12cb976f5b69697a894c31503bb551690955b213858c4fa51b009f265a8d5326