Oval Definition:oval:org.mitre.oval:def:21119
Revision Date:2014-02-17
Version:11
Title:RHSA-2013:0827: openswan security update (Important)
Description:Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054.
Family:unix
Class:patch
Status:ACCEPTED
Reference(s):CESA-2013:0827
CVE-2013-2053
RHSA-2013:0827-01
Platform(s):CentOS Linux 5
CentOS Linux 6
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product(s):openswan
Definition Synopsis
  • Operating system section
    • Red Hat 6 or CentOS 6 release
      • The operating system installed on the system is Red Hat Enterprise Linux 6
      • OR The operating system installed on the system is CentOS Linux 6.x
  • AND Packages section
    • openswan is earlier than 0:2.6.32-20.el6_4
    • OR openswan-doc is earlier than 0:2.6.32-20.el6_4
  • Operating system section
    • Red Hat 5 or CentOS 5 release
      • The operating system installed on the system is Red Hat Enterprise Linux 5
      • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages section
    • openswan is earlier than 0:2.6.32-5.el5_9
    • OR openswan-doc is earlier than 0:2.6.32-5.el5_9