RHSA-2010:0892
Vulnerability from csaf_redhat
Published
2010-11-16 18:16
Modified
2024-11-22 03:48
Summary
Red Hat Security Advisory: openswan security update
Notes
Topic
Updated openswan packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Openswan is a free implementation of Internet Protocol Security (IPsec)
and Internet Key Exchange (IKE). IPsec uses strong cryptography to provide
both authentication and encryption services. These services allow you to
build secure tunnels through untrusted networks.
Two buffer overflow flaws were found in the Openswan client-side XAUTH
handling code used when connecting to certain Cisco gateways. A malicious
or compromised VPN gateway could use these flaws to execute arbitrary code
on the connecting Openswan client. (CVE-2010-3302, CVE-2010-3308)
Two input sanitization flaws were found in the Openswan client-side
handling of Cisco gateway banners. A malicious or compromised VPN gateway
could use these flaws to execute arbitrary code on the connecting Openswan
client. (CVE-2010-3752, CVE-2010-3753)
Red Hat would like to thank the Openswan project for reporting these
issues. Upstream acknowledges D. Hugh Redelmeier and Paul Wouters as the
original reporters.
All users of openswan are advised to upgrade to these updated packages,
which contain backported patches to correct these issues. After installing
this update, the ipsec service will be restarted automatically.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated openswan packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Openswan is a free implementation of Internet Protocol Security (IPsec)\nand Internet Key Exchange (IKE). IPsec uses strong cryptography to provide\nboth authentication and encryption services. These services allow you to\nbuild secure tunnels through untrusted networks.\n\nTwo buffer overflow flaws were found in the Openswan client-side XAUTH\nhandling code used when connecting to certain Cisco gateways. A malicious\nor compromised VPN gateway could use these flaws to execute arbitrary code\non the connecting Openswan client. (CVE-2010-3302, CVE-2010-3308)\n\nTwo input sanitization flaws were found in the Openswan client-side\nhandling of Cisco gateway banners. A malicious or compromised VPN gateway\ncould use these flaws to execute arbitrary code on the connecting Openswan\nclient. (CVE-2010-3752, CVE-2010-3753)\n\nRed Hat would like to thank the Openswan project for reporting these\nissues. Upstream acknowledges D. Hugh Redelmeier and Paul Wouters as the\noriginal reporters.\n\nAll users of openswan are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After installing\nthis update, the ipsec service will be restarted automatically.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0892",
"url": "https://access.redhat.com/errata/RHSA-2010:0892"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "634264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=634264"
},
{
"category": "external",
"summary": "637924",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=637924"
},
{
"category": "external",
"summary": "640711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=640711"
},
{
"category": "external",
"summary": "640715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=640715"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0892.json"
}
],
"title": "Red Hat Security Advisory: openswan security update",
"tracking": {
"current_release_date": "2024-11-22T03:48:32+00:00",
"generator": {
"date": "2024-11-22T03:48:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2010:0892",
"initial_release_date": "2010-11-16T18:16:00+00:00",
"revision_history": [
{
"date": "2010-11-16T18:16:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-11-16T13:17:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T03:48:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "openswan-0:2.6.24-8.el6_0.1.src",
"product": {
"name": "openswan-0:2.6.24-8.el6_0.1.src",
"product_id": "openswan-0:2.6.24-8.el6_0.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openswan@2.6.24-8.el6_0.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openswan-doc-0:2.6.24-8.el6_0.1.i686",
"product": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.i686",
"product_id": "openswan-doc-0:2.6.24-8.el6_0.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openswan-doc@2.6.24-8.el6_0.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"product": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"product_id": "openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openswan-debuginfo@2.6.24-8.el6_0.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "openswan-0:2.6.24-8.el6_0.1.i686",
"product": {
"name": "openswan-0:2.6.24-8.el6_0.1.i686",
"product_id": "openswan-0:2.6.24-8.el6_0.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openswan@2.6.24-8.el6_0.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"product": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"product_id": "openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openswan-doc@2.6.24-8.el6_0.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"product": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"product_id": "openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openswan-debuginfo@2.6.24-8.el6_0.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "openswan-0:2.6.24-8.el6_0.1.ppc64",
"product": {
"name": "openswan-0:2.6.24-8.el6_0.1.ppc64",
"product_id": "openswan-0:2.6.24-8.el6_0.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openswan@2.6.24-8.el6_0.1?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"product": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"product_id": "openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openswan-doc@2.6.24-8.el6_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"product": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"product_id": "openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openswan-debuginfo@2.6.24-8.el6_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openswan-0:2.6.24-8.el6_0.1.s390x",
"product": {
"name": "openswan-0:2.6.24-8.el6_0.1.s390x",
"product_id": "openswan-0:2.6.24-8.el6_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openswan@2.6.24-8.el6_0.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"product": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"product_id": "openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openswan-doc@2.6.24-8.el6_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"product": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"product_id": "openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openswan-debuginfo@2.6.24-8.el6_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openswan-0:2.6.24-8.el6_0.1.x86_64",
"product": {
"name": "openswan-0:2.6.24-8.el6_0.1.x86_64",
"product_id": "openswan-0:2.6.24-8.el6_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openswan@2.6.24-8.el6_0.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:openswan-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:openswan-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:openswan-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:openswan-0:2.6.24-8.el6_0.1.src"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.src",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:openswan-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:openswan-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:openswan-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:openswan-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:openswan-0:2.6.24-8.el6_0.1.src"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.src",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:openswan-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:openswan-doc-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:openswan-doc-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:openswan-doc-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:openswan-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:openswan-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:openswan-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:openswan-0:2.6.24-8.el6_0.1.src"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.src",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:openswan-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:openswan-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:openswan-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:openswan-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:openswan-0:2.6.24-8.el6_0.1.src"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.src",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:openswan-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:openswan-doc-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:openswan-doc-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:openswan-doc-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.src"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.src",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:openswan-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:openswan-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:openswan-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:openswan-0:2.6.24-8.el6_0.1.src"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.src",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:openswan-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.i686"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.ppc64"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.s390x"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openswan-doc-0:2.6.24-8.el6_0.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
},
"product_reference": "openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"relates_to_product_reference": "6Workstation"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Openswan project"
]
},
{
"names": [
"D. Hugh Redelmeier",
"Paul Wouters"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2010-3302",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2010-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "634264"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via long (1) cisco_dns_info or (2) cisco_domain_info data in a packet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openswan: buffer overflow vulnerability in XAUTH client-side support",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-0:2.6.24-8.el6_0.1.src",
"6Client:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-0:2.6.24-8.el6_0.1.src",
"6Server:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3302"
},
{
"category": "external",
"summary": "RHBZ#634264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=634264"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3302",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3302"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3302",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3302"
}
],
"release_date": "2010-09-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-11-16T18:16:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-0:2.6.24-8.el6_0.1.src",
"6Client:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-0:2.6.24-8.el6_0.1.src",
"6Server:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0892"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-0:2.6.24-8.el6_0.1.src",
"6Client:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-0:2.6.24-8.el6_0.1.src",
"6Server:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openswan: buffer overflow vulnerability in XAUTH client-side support"
},
{
"acknowledgments": [
{
"names": [
"Openswan project"
]
}
],
"cve": "CVE-2010-3308",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2010-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "637924"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via a long cisco_banner (aka server_banner) field.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Openswan cisco banner option handling vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-0:2.6.24-8.el6_0.1.src",
"6Client:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-0:2.6.24-8.el6_0.1.src",
"6Server:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3308"
},
{
"category": "external",
"summary": "RHBZ#637924",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=637924"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3308",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3308"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3308",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3308"
}
],
"release_date": "2010-09-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-11-16T18:16:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-0:2.6.24-8.el6_0.1.src",
"6Client:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-0:2.6.24-8.el6_0.1.src",
"6Server:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0892"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-0:2.6.24-8.el6_0.1.src",
"6Client:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-0:2.6.24-8.el6_0.1.src",
"6Server:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Openswan cisco banner option handling vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Openswan project"
]
}
],
"cve": "CVE-2010-3752",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2010-10-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "640711"
}
],
"notes": [
{
"category": "description",
"text": "programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in (1) cisco_dns_info or (2) cisco_domain_info data in a packet, a different vulnerability than CVE-2010-3302.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Openswan: Gateway arbitrary code execution via shell metacharacters in cisco_dns_info or cisco_domain_info data in packet",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-0:2.6.24-8.el6_0.1.src",
"6Client:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-0:2.6.24-8.el6_0.1.src",
"6Server:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3752"
},
{
"category": "external",
"summary": "RHBZ#640711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=640711"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3752",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3752"
}
],
"release_date": "2010-09-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-11-16T18:16:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-0:2.6.24-8.el6_0.1.src",
"6Client:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-0:2.6.24-8.el6_0.1.src",
"6Server:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0892"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-0:2.6.24-8.el6_0.1.src",
"6Client:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-0:2.6.24-8.el6_0.1.src",
"6Server:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Openswan: Gateway arbitrary code execution via shell metacharacters in cisco_dns_info or cisco_domain_info data in packet"
},
{
"acknowledgments": [
{
"names": [
"Openswan project"
]
}
],
"cve": "CVE-2010-3753",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2010-10-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "640715"
}
],
"notes": [
{
"category": "description",
"text": "programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in the cisco_banner (aka server_banner) field, a different vulnerability than CVE-2010-3308.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Openswan: Gateway arbitrary execution via shell metacharacters in the cisco_banner",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-0:2.6.24-8.el6_0.1.src",
"6Client:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-0:2.6.24-8.el6_0.1.src",
"6Server:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3753"
},
{
"category": "external",
"summary": "RHBZ#640715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=640715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3753",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3753"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3753",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3753"
}
],
"release_date": "2010-09-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-11-16T18:16:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-0:2.6.24-8.el6_0.1.src",
"6Client:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-0:2.6.24-8.el6_0.1.src",
"6Server:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0892"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Client-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-0:2.6.24-8.el6_0.1.src",
"6Client:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Client:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Server-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-0:2.6.24-8.el6_0.1.src",
"6Server:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Server:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation-optional:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation-optional:openswan-doc-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.src",
"6Workstation:openswan-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-debuginfo-0:2.6.24-8.el6_0.1.x86_64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.i686",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.ppc64",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.s390x",
"6Workstation:openswan-doc-0:2.6.24-8.el6_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Openswan: Gateway arbitrary execution via shell metacharacters in the cisco_banner"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.