-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.0416
                         openswan security update
                               1 April 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           openswan
Publisher:         Debian
Operating System:  Debian GNU/Linux 6
                   Debian GNU/Linux 7
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2013-6466 CVE-2013-2053 

Reference:         ESB-2014.0206
                   ESB-2013.0696

Original Bulletin: 
   http://www.debian.org/security/2014/dsa-2893

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-2893-1                   security@debian.org
http://www.debian.org/security/                         Yves-Alexis Perez
March 31, 2014                         http://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : openswan
CVE ID         : CVE-2013-2053 CVE-2013-6466

Two vulnerabilities were fixed in Openswan, an IKE/IPsec implementation
for Linux.

CVE-2013-2053

    During an audit of Libreswan (with which Openswan shares some code),
    Florian Weimer found a remote buffer overflow in the atodn()
    function.  This vulnerability can be triggered when Opportunistic
    Encryption (OE) is enabled and an attacker controls the PTR record
    of a peer IP address.
    Authentication is not needed to trigger the vulnerability.

CVE-2013-6466

    Iustina Melinte found a vulnerability in Libreswan which also
    applies to the Openswan code. By carefully crafting IKEv2 packets, an
    attacker can make the pluto daemon dereference an IKEv2 payload that
    was never received, crashing the daemon.
    Authentication is not needed to trigger the vulnerability.
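The bug class behind CVE-2013-6466, shown as an added C example that is not
Openswan or Libreswan code and does not reproduce the actual packets: a
handler indexes a per-message table of received IKEv2 payloads and uses an
entry without first checking that the peer actually sent that payload, so a
message that omits a mandatory payload makes the handler follow a NULL
pointer. The payload type numbers follow RFC 5996; the toy chain parser, the
message bytes and all function names are constructed for this illustration.

```c
/* Constructed example of the "dereference a non-received payload" pattern.
 * Not Openswan/Libreswan code; message bytes and names are made up here. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* A few IKEv2 payload type numbers (RFC 5996, section 3.2). */
#define ISAKMP_NEXT_v2NONE 0
#define ISAKMP_NEXT_v2SA   33
#define ISAKMP_NEXT_v2KE   34
#define ISAKMP_NEXT_v2Ni   40
#define MAX_PAYLOAD_TYPE   49   /* table covers types 0..48 */

struct payload {
    const uint8_t *data;   /* payload body after the 4-byte generic header; NULL if not received */
    size_t len;
};

/* Walk the payload chain (next-payload byte, flags, 16-bit length) and record
 * each payload under its type. Returns the payload count or -1 if malformed. */
static int parse_payloads(const uint8_t *msg, size_t msglen, uint8_t first_type,
                          struct payload tbl[MAX_PAYLOAD_TYPE])
{
    memset(tbl, 0, sizeof(struct payload) * MAX_PAYLOAD_TYPE);
    size_t off = 0;
    uint8_t np = first_type;
    int count = 0;
    while (np != ISAKMP_NEXT_v2NONE) {
        if (np >= MAX_PAYLOAD_TYPE || off + 4 > msglen)
            return -1;
        uint16_t plen = (uint16_t)(msg[off + 2] << 8 | msg[off + 3]);
        if (plen < 4 || off + plen > msglen)      /* declared length must fit the buffer */
            return -1;
        tbl[np].data = msg + off + 4;
        tbl[np].len = plen - 4;
        np = msg[off];                            /* next payload type */
        off += plen;
        count++;
    }
    return count;
}

/* Vulnerable pattern: trusts that an IKE_SA_INIT carries a KE payload because the
 * exchange type says it should. If the peer omitted it, tbl[KE].data is NULL. */
static int handle_ike_sa_init_unchecked(const struct payload tbl[MAX_PAYLOAD_TYPE])
{
    const struct payload *ke = &tbl[ISAKMP_NEXT_v2KE];
    return ke->data[0] << 8 | ke->data[1];        /* DH group: NULL dereference if KE absent */
}

/* Hardened pattern: state the payloads the exchange requires and reject the
 * message before any handler touches the table. */
static int check_required(const struct payload tbl[MAX_PAYLOAD_TYPE],
                          const uint8_t *required, size_t nrequired)
{
    for (size_t i = 0; i < nrequired; i++)
        if (tbl[required[i]].data == NULL)
            return -1;
    return 0;
}

static int handle_ike_sa_init_checked(const struct payload tbl[MAX_PAYLOAD_TYPE])
{
    static const uint8_t required[] = { ISAKMP_NEXT_v2SA, ISAKMP_NEXT_v2KE, ISAKMP_NEXT_v2Ni };
    if (check_required(tbl, required, sizeof required) != 0)
        return -1;                                /* mandatory payload missing: drop message */
    const struct payload *ke = &tbl[ISAKMP_NEXT_v2KE];
    if (ke->len < 4)                              /* DH group (2) + reserved (2) must be present */
        return -1;
    return ke->data[0] << 8 | ke->data[1];
}

/* Constructed messages (payload chains only, IKE header omitted). */
static const uint8_t MSG_COMPLETE[] = {
    34, 0, 0x00, 0x08, 0xaa, 0xaa, 0xaa, 0xaa,                        /* SA, next = KE */
    40, 0, 0x00, 0x0c, 0x00, 0x0e, 0x00, 0x00, 0xbb, 0xbb, 0xbb, 0xbb, /* KE, group 14, next = Ni */
    0,  0, 0x00, 0x08, 0xcc, 0xcc, 0xcc, 0xcc                         /* Ni, next = NONE */
};
static const uint8_t MSG_NO_KE[] = {
    40, 0, 0x00, 0x08, 0xaa, 0xaa, 0xaa, 0xaa,                        /* SA, next = Ni (KE skipped) */
    0,  0, 0x00, 0x08, 0xcc, 0xcc, 0xcc, 0xcc
};
static const uint8_t MSG_TRUNCATED[] = {
    34, 0, 0x00, 0x10, 0xaa, 0xaa, 0xaa, 0xaa                         /* claims 16 bytes, has 8 */
};

/* Parse then dispatch; -2 means the chain itself was rejected by the parser. */
int run_checked(const uint8_t *msg, size_t len)
{
    struct payload tbl[MAX_PAYLOAD_TYPE];
    if (parse_payloads(msg, len, ISAKMP_NEXT_v2SA, tbl) < 0)
        return -2;
    return handle_ike_sa_init_checked(tbl);
}

int run_unchecked_on_complete(void)
{
    struct payload tbl[MAX_PAYLOAD_TYPE];
    parse_payloads(MSG_COMPLETE, sizeof MSG_COMPLETE, ISAKMP_NEXT_v2SA, tbl);
    return handle_ike_sa_init_unchecked(tbl);     /* safe only because KE is present */
}

int main(void)
{
    printf("complete, checked:   %d\n", run_checked(MSG_COMPLETE, sizeof MSG_COMPLETE));
    printf("complete, unchecked: %d\n", run_unchecked_on_complete());
    printf("missing KE, checked: %d\n", run_checked(MSG_NO_KE, sizeof MSG_NO_KE));
    printf("truncated, checked:  %d\n", run_checked(MSG_TRUNCATED, sizeof MSG_TRUNCATED));
    /* handle_ike_sa_init_unchecked() on MSG_NO_KE is deliberately not called: it would crash. */
    return 0;
}
```

The unchecked handler is only ever run on the complete message here; running
it on the message without a KE payload is the crash the advisory describes,
which is why the hardened path rejects such a message before any handler
sees the table.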

Patches were originally written to fix the vulnerabilities in Libreswan,
and have been ported to Openswan by Paul Wouters from the Libreswan
Project.

Since the Openswan package is not maintained anymore in the Debian
distribution and is not available in testing and unstable suites, it is
recommended for IKE/IPsec users to switch to a supported implementation
like strongSwan.

For the oldstable distribution (squeeze), these problems have been fixed in
version 2.6.28+dfsg-5+squeeze2.

For the stable distribution (wheezy), these problems have been fixed in
version 2.6.37-3.1.

We recommend that you upgrade your openswan packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBCgAGBQJTOcluAAoJEG3bU/KmdcClu7UH/07J/Vlqb3Ulnmlm2ZROyx3Q
2xALBLd5+0fBULBwMZ0A3y1elO+thmzFEL6R/7hsVJKqIMQWsWsn/Ahz0/HAOhkk
2YNnunJkZiyRI9J++9dli6dkbhLKBi53pkgzRzITu8ecJQ7Rt842bD79SvT40foh
CK+l7Y8DIWao0JG8HXwNFn49KGHjz/4ZXmuDi+nRX0AalJlV7LG9N9jgnYIYjVTs
+meQemBgffTyFCd3zW/ydq0K77+3z6EqprH4xVGsxGgu0Uu4Jk0GsAqYMRoETeRh
Nvd1vOTSAMsVFUUpH2FgJkXdDQCtDzRiYFgItUVLWcWoDYrjXgChpdOGI8R0Wv0=
=js6B
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBUzoKNxLndAQH1ShLAQLN8g//RkKx+HpNzzApfJtT1reucBbhoF6lWDg8
CtWb0dLlW2wOd2D7pj1ySGLgNDqJSDzmCW3XBX0BWJKFgzVdclsNB/6ZOmki5p7U
Y8rr4Qyn+EbpVyPnflV4GdPphX5kzt401GcXrFW/2y9IVLONHnBk/8ygAJGvSK5N
8iIMnrcDqFvxMTR+zWCx3dZse8gGcVFBoHmoxjqlWwUzCa4DFiDc0Bw4fTL2b6RD
eVboa08sfbeYj+ogypNE2dW+LLr71JSirPEkn7WeZioMcCIdC7X+zErDg7He+W6i
Yy8uLtUTe3I598TWQQbgDWtyL4EUDFSpR8NRiNHCyrDsr5uoX/MyYV7Q9YWM/CAB
tyOxdqQxV7I+JNCttRq3btEolmbTQcrQa4z9bBDJCyB1CZD7i5WXZoyGavsRtv+p
4rgrWBYFfIBiHEvNG2OhuBLAJFNutB1JMa0KSLaoR4baViSvse30jLYiJSUIplkt
U01nNV86VmOgIT3k77n1+oZ8pcNrpP5jKMFp2wS1jqtT3roY21Q6FIn/Ju/hh5yR
bjnStYSRnRvuXh3DRckCXBYlUZOVWO1FnNFOEAM25SCerLdzy1PXY7rPiOWJZ1+T
OoQt4VvYEaQlRVyW8RYT69Ws7kL1MFbG96r4A8nZ89Lvn8saRq6vNyb7Ezur4IlV
EzbwKbQDzgg=
=EyCG
-----END PGP SIGNATURE-----