TITLE:
Debian update for openswan

SECUNIA ADVISORY ID:
SA34472

VERIFY ADVISORY:
http://secunia.com/advisories/34472/

DESCRIPTION:
Debian has issued an update for openswan. This fixes a vulnerability and a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to cause a DoS (Denial of Service).

1) An error in the processing of Dead Peer Detection packets can be exploited to cause a crash.

For more information:
SA34483

2) The "IPSEC livetest" tool uses the "ipseclive.conn" and "ipsec.olts.remote.log" temporary files in an insecure manner. This can be exploited to e.g. overwrite arbitrary files via symlink attacks.

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 4.0 alias etch --

Updated openswan packages: 2.4.6+dfsg.2-1.1+etch1 (source, architecture-independent and per-architecture binary packages)

-- Debian GNU/Linux 5.0 alias lenny --

Updated openswan packages: 2.4.12+dfsg-1.3+lenny1 (source, architecture-independent and per-architecture binary packages)

-- Debian GNU/Linux unstable alias sid --

Reportedly, updated packages will be available soon.

ORIGINAL ADVISORY:
DSA-1760-1:
http://lists.debian.org/debian-security-announce/2009/msg00070.html

OTHER REFERENCES:
SA34483:
http://secunia.com/advisories/34483/
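
ADDED EXAMPLE:
Issue 2 above belongs to the predictable-temporary-file weakness class. The shell example below is added here and is not taken from the advisory or from the "IPSEC livetest" code; it contrasts a fixed-name write in a shared directory with a mktemp-based one and checks for links at the two file names the advisory lists. The function names, the sandbox layout and protected.txt are constructed for the illustration.

```shell
#!/bin/sh
# Added illustration of the temp-file weakness class in issue 2.
# Function names and layout are assumptions; this is not the livetest code.

# Weak pattern: a fixed file name inside a directory other users can write to.
# The ">" redirection follows whatever already sits at that name.
write_predictable() {   # $1 = shared directory, $2 = data
    printf '%s\n' "$2" > "$1/ipseclive.conn"
}

# Hardened pattern: mktemp -d creates a fresh mode-0700 directory with an
# unpredictable name, so nothing can be pre-placed at the path we write to.
write_private() {       # $1 = data; prints the private directory on success
    workdir=$(mktemp -d "${TMPDIR:-/tmp}/livetest.XXXXXXXXXX") || return 1
    printf '%s\n' "$1" > "$workdir/ipseclive.conn" || return 1
    printf '%s\n' "$workdir"
}

# Audit check: flag symlinks sitting at the two fixed names from the advisory.
find_planted_links() {  # $1 = directory to inspect; returns 1 if any found
    found=0
    for name in ipseclive.conn ipsec.olts.remote.log; do
        if [ -L "$1/$name" ]; then
            printf 'symlink at %s -> %s\n' "$1/$name" "$(readlink "$1/$name")"
            found=1
        fi
    done
    return "$found"
}

# Constructed sandbox: a scratch directory stands in for the shared temp dir,
# and protected.txt stands in for a file the caller should never modify.
demo() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/shared"
    echo "original" > "$sandbox/protected.txt"
    ln -s "$sandbox/protected.txt" "$sandbox/shared/ipseclive.conn"
    find_planted_links "$sandbox/shared" || echo "(link detected before write)"
    write_predictable "$sandbox/shared" "conn data"
    echo "after predictable write: $(cat "$sandbox/protected.txt")"
    echo "original" > "$sandbox/protected.txt"
    private=$(write_private "conn data") || return 1
    echo "after private write:     $(cat "$sandbox/protected.txt")"
    rm -rf "$sandbox" "$private"
}
demo
```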