Oval Definition:oval:org.opensuse.security:def:20084190
Revision Date:2022-05-20Version:1
Title:CVE-2008-4190
Description:

The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream version, this tool has been disabled.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-4190
Mitre CVE-2008-4190
SUSE CVE-2008-4190
Platform(s):SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND Package Information
  • openswan-2.6.16-1.36.1 is installed
  • OR openswan-doc-2.6.16-1.36.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND
  • openswan-2.6.16-1.34.3 is installed
  • OR openswan-doc-2.6.16-1.34.3 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND
  • openswan-2.6.16-1.36.1 is installed
  • OR openswan-doc-2.6.16-1.36.1 is installed
    • BACK