Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0162

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2005-0162
Last Modified 05 Sep 2008 04:45:29
Published 26 Jan 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-0162

Summary

Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code.

Vulnerable Systems

Application

  • Openswan 1.0.9

  • Openswan 2.3.0


References

XF - openswan-xauth-pam-bo(19078)

CONFIRM - http://www.openswan.org/support/vuln/IDEF0785/

IDEFENSE - 20050126 Openswan XAUTH/PAM Buffer Overflow Vulnerability

BID - 12377

FEDORA - FEDORA-2005-082

OSVDB - 13195

SECTRACK - 1013014

SECUNIA - 14062

SECUNIA - 14038


Last Updated: 27 May 2016 10:39:42