<?xml version="1.0" encoding="utf-8"?>
<glsa id="200903-18">
<title>Openswan: Insecure temporary file creation</title>
Insecure temporary file usage has been reported in Openswan, allowing
for symlink attacks.
<product type="ebuild">openswan</product>
<announced>March 09, 2009</announced>
<revised>March 09, 2009: 01</revised>
<package name="net-misc/openswan" auto="yes" arch="*">
<unaffected range="ge">2.4.13-r2</unaffected>
<vulnerable range="lt">2.4.13-r2</vulnerable>
</package>
Openswan is an implementation of IPsec for Linux.
Dmitry E. Oboukhov reported that the IPSEC livetest tool does not
handle the ipseclive.conn and ipsec.olts.remote.log temporary files
<impact type="normal">
A local attacker could perform symlink attacks to execute arbitrary
code and overwrite arbitrary files with the privileges of the user
running the application.
</impact>
There is no known workaround at this time.
All Openswan users should upgrade to the latest version:
<code>
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=net-misc/openswan-2.4.13-r2&quot;</code>
<uri link="">CVE-2008-4190</uri>
<metadata tag="requester" timestamp="Sun, 11 Jan 2009 18:17:28 +0000">
<metadata tag="submitter" timestamp="Thu, 12 Feb 2009 18:08:11 +0000">
<metadata tag="bugReady" timestamp="Thu, 12 Feb 2009 18:08:22 +0000">