September 9, 2009

Gentoo Linux Security Advisory 200909-05 (Normal): openswan

Background

Openswan is an implementation of IPsec for Linux.

Description

Multiple vulnerabilities have been discovered in Openswan:

  • Gerd v. Egidy reported a NULL pointer dereference in the Dead Peer Detection of the pluto IKE daemon as included in Openswan (CVE-2009-0790).
  • The Orange Labs vulnerability research team discovered multiple vulnerabilities in the ASN.1 parser (CVE-2009-2185)...
Click Here!