Skip to navigation

Security Advisory Moderate: openswan security update

Advisory: RHSA-2010:0892-1
Type: Security Advisory
Severity: Moderate
Issued on: 2010-11-16
Last updated on: 2010-11-16
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.0.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2010-3302
CVE-2010-3308
CVE-2010-3752
CVE-2010-3753

Details

Updated openswan packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Openswan is a free implementation of Internet Protocol Security (IPsec)
and Internet Key Exchange (IKE). IPsec uses strong cryptography to provide
both authentication and encryption services. These services allow you to
build secure tunnels through untrusted networks.

Two buffer overflow flaws were found in the Openswan client-side XAUTH
handling code used when connecting to certain Cisco gateways. A malicious
or compromised VPN gateway could use these flaws to execute arbitrary code
on the connecting Openswan client. (CVE-2010-3302, CVE-2010-3308)

Two input sanitization flaws were found in the Openswan client-side
handling of Cisco gateway banners. A malicious or compromised VPN gateway
could use these flaws to execute arbitrary code on the connecting Openswan
client. (CVE-2010-3752, CVE-2010-3753)

Red Hat would like to thank the Openswan project for reporting these
issues. Upstream acknowledges D. Hugh Redelmeier and Paul Wouters as the
original reporters.

All users of openswan are advised to upgrade to these updated packages,
which contain backported patches to correct these issues. After installing
this update, the ipsec service will be restarted automatically.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
openswan-2.6.24-8.el6_0.1.src.rpm
File outdated by:  RHSA-2014:0185
    MD5: e8820e1de4d56955bb633e823e83f40b
SHA-256: fd56f81e7f46f5eb914a9c785bca52e4b6e8bf77bb1c4e573624d4d60026b6bc
 
IA-32:
openswan-2.6.24-8.el6_0.1.i686.rpm
File outdated by:  RHSA-2014:0185
    MD5: e7b3b85736fbe9d2e4b324b411ec8fea
SHA-256: 55526656f743cf0ce1fc0687e11b72a68125375d97178d90b9ee59c657b4e314
openswan-debuginfo-2.6.24-8.el6_0.1.i686.rpm
File outdated by:  RHSA-2014:0185
    MD5: e6ab3542abd8fe38ab58b7baa370ed7b
SHA-256: 60c1448d1d9e7a7aa86f93f8e7d3384234d2a1e7e775cda14d2784524cd3035d
openswan-doc-2.6.24-8.el6_0.1.i686.rpm
File outdated by:  RHSA-2014:0185
    MD5: 1ba36e11e542054ec79435b4cf3f892d
SHA-256: fa8ec6e86be124c9a7de72d16499c7030784aa9fda2593bb709f1f9465ba6324
 
x86_64:
openswan-2.6.24-8.el6_0.1.x86_64.rpm
File outdated by:  RHSA-2014:0185
    MD5: cd0331f22061a2f95f53cdd4b58decee
SHA-256: b7f2f53b5b976f372a9072ecad9c327dfbe5026f274708b8f0076a89e34b9467
openswan-debuginfo-2.6.24-8.el6_0.1.x86_64.rpm
File outdated by:  RHSA-2014:0185
    MD5: 8f6d481f5d08d16f9376024a6fe92ad3
SHA-256: a00b7cbda30828fd7983d7b44d66f5ab1d237397f62a233c5ad83c9bd9239dc3
openswan-doc-2.6.24-8.el6_0.1.x86_64.rpm
File outdated by:  RHSA-2014:0185
    MD5: 953cf1ac77522ffbed278e2c49d324a8
SHA-256: db1149909827e98fc74a544447086537e17d72e0f0bf1c21c7254f5af03ab24c
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
openswan-2.6.24-8.el6_0.1.src.rpm
File outdated by:  RHSA-2014:0185
    MD5: e8820e1de4d56955bb633e823e83f40b
SHA-256: fd56f81e7f46f5eb914a9c785bca52e4b6e8bf77bb1c4e573624d4d60026b6bc
 
IA-32:
openswan-2.6.24-8.el6_0.1.i686.rpm
File outdated by:  RHSA-2014:0185
    MD5: e7b3b85736fbe9d2e4b324b411ec8fea
SHA-256: 55526656f743cf0ce1fc0687e11b72a68125375d97178d90b9ee59c657b4e314
openswan-debuginfo-2.6.24-8.el6_0.1.i686.rpm
File outdated by:  RHSA-2014:0185
    MD5: e6ab3542abd8fe38ab58b7baa370ed7b
SHA-256: 60c1448d1d9e7a7aa86f93f8e7d3384234d2a1e7e775cda14d2784524cd3035d
openswan-doc-2.6.24-8.el6_0.1.i686.rpm
File outdated by:  RHSA-2014:0185
    MD5: 1ba36e11e542054ec79435b4cf3f892d
SHA-256: fa8ec6e86be124c9a7de72d16499c7030784aa9fda2593bb709f1f9465ba6324
 
PPC:
openswan-2.6.24-8.el6_0.1.ppc64.rpm
File outdated by:  RHSA-2014:0185
    MD5: 0d54e99051862594fd7b35113e13785b
SHA-256: 43090f57f4c1385da58e54ec56a5f3bfce5f9d1102ed3946e3d369122fdcf7df
openswan-debuginfo-2.6.24-8.el6_0.1.ppc64.rpm
File outdated by:  RHSA-2014:0185
    MD5: 86bf360c24f52115d808e4c12c619ba3
SHA-256: 900a11e3ca52c09e8cd67e6a930c96650166e6565b7152e1d5d8b992685f9078
openswan-doc-2.6.24-8.el6_0.1.ppc64.rpm
File outdated by:  RHSA-2014:0185
    MD5: 9b0cdba123668d40663be8c1c9b83eea
SHA-256: 16d37cec3df4112aea6a6beac78db2c82c2722021cc12f1cc657b903983e2d4f
 
s390x:
openswan-2.6.24-8.el6_0.1.s390x.rpm
File outdated by:  RHSA-2014:0185
    MD5: 7e7c7b93f1ba8ad004fdff119809e547
SHA-256: 3dbcc3730ecf40d77a75407d6a20d60062a7d0593bd8835850c7f53983bb302d
openswan-debuginfo-2.6.24-8.el6_0.1.s390x.rpm
File outdated by:  RHSA-2014:0185
    MD5: 4e2e369cb7a1d894f97f1eb422410455
SHA-256: 3955877c1c467bb1153e47226896a2ce109bbc559aac0e00760c9b25b20d5e38
openswan-doc-2.6.24-8.el6_0.1.s390x.rpm
File outdated by:  RHSA-2014:0185
    MD5: c3e30a217cd0226a0063872faf5f4922
SHA-256: 6b72271e850146a5fd23ee69c9c8355de1508e48b25ec2763242ac0a2ff90838
 
x86_64:
openswan-2.6.24-8.el6_0.1.x86_64.rpm
File outdated by:  RHSA-2014:0185
    MD5: cd0331f22061a2f95f53cdd4b58decee
SHA-256: b7f2f53b5b976f372a9072ecad9c327dfbe5026f274708b8f0076a89e34b9467
openswan-debuginfo-2.6.24-8.el6_0.1.x86_64.rpm
File outdated by:  RHSA-2014:0185
    MD5: 8f6d481f5d08d16f9376024a6fe92ad3
SHA-256: a00b7cbda30828fd7983d7b44d66f5ab1d237397f62a233c5ad83c9bd9239dc3
openswan-doc-2.6.24-8.el6_0.1.x86_64.rpm
File outdated by:  RHSA-2014:0185
    MD5: 953cf1ac77522ffbed278e2c49d324a8
SHA-256: db1149909827e98fc74a544447086537e17d72e0f0bf1c21c7254f5af03ab24c
 
Red Hat Enterprise Linux Server EUS (v. 6.0.z)

SRPMS:
openswan-2.6.24-8.el6_0.1.src.rpm
File outdated by:  RHSA-2014:0185
    MD5: e8820e1de4d56955bb633e823e83f40b
SHA-256: fd56f81e7f46f5eb914a9c785bca52e4b6e8bf77bb1c4e573624d4d60026b6bc
 
IA-32:
openswan-2.6.24-8.el6_0.1.i686.rpm     MD5: e7b3b85736fbe9d2e4b324b411ec8fea
SHA-256: 55526656f743cf0ce1fc0687e11b72a68125375d97178d90b9ee59c657b4e314
openswan-debuginfo-2.6.24-8.el6_0.1.i686.rpm     MD5: e6ab3542abd8fe38ab58b7baa370ed7b
SHA-256: 60c1448d1d9e7a7aa86f93f8e7d3384234d2a1e7e775cda14d2784524cd3035d
openswan-doc-2.6.24-8.el6_0.1.i686.rpm     MD5: 1ba36e11e542054ec79435b4cf3f892d
SHA-256: fa8ec6e86be124c9a7de72d16499c7030784aa9fda2593bb709f1f9465ba6324
 
PPC:
openswan-2.6.24-8.el6_0.1.ppc64.rpm     MD5: 0d54e99051862594fd7b35113e13785b
SHA-256: 43090f57f4c1385da58e54ec56a5f3bfce5f9d1102ed3946e3d369122fdcf7df
openswan-debuginfo-2.6.24-8.el6_0.1.ppc64.rpm     MD5: 86bf360c24f52115d808e4c12c619ba3
SHA-256: 900a11e3ca52c09e8cd67e6a930c96650166e6565b7152e1d5d8b992685f9078
openswan-doc-2.6.24-8.el6_0.1.ppc64.rpm     MD5: 9b0cdba123668d40663be8c1c9b83eea
SHA-256: 16d37cec3df4112aea6a6beac78db2c82c2722021cc12f1cc657b903983e2d4f
 
s390x:
openswan-2.6.24-8.el6_0.1.s390x.rpm     MD5: 7e7c7b93f1ba8ad004fdff119809e547
SHA-256: 3dbcc3730ecf40d77a75407d6a20d60062a7d0593bd8835850c7f53983bb302d
openswan-debuginfo-2.6.24-8.el6_0.1.s390x.rpm     MD5: 4e2e369cb7a1d894f97f1eb422410455
SHA-256: 3955877c1c467bb1153e47226896a2ce109bbc559aac0e00760c9b25b20d5e38
openswan-doc-2.6.24-8.el6_0.1.s390x.rpm     MD5: c3e30a217cd0226a0063872faf5f4922
SHA-256: 6b72271e850146a5fd23ee69c9c8355de1508e48b25ec2763242ac0a2ff90838
 
x86_64:
openswan-2.6.24-8.el6_0.1.x86_64.rpm     MD5: cd0331f22061a2f95f53cdd4b58decee
SHA-256: b7f2f53b5b976f372a9072ecad9c327dfbe5026f274708b8f0076a89e34b9467
openswan-debuginfo-2.6.24-8.el6_0.1.x86_64.rpm     MD5: 8f6d481f5d08d16f9376024a6fe92ad3
SHA-256: a00b7cbda30828fd7983d7b44d66f5ab1d237397f62a233c5ad83c9bd9239dc3
openswan-doc-2.6.24-8.el6_0.1.x86_64.rpm     MD5: 953cf1ac77522ffbed278e2c49d324a8
SHA-256: db1149909827e98fc74a544447086537e17d72e0f0bf1c21c7254f5af03ab24c
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
openswan-2.6.24-8.el6_0.1.src.rpm
File outdated by:  RHSA-2014:0185
    MD5: e8820e1de4d56955bb633e823e83f40b
SHA-256: fd56f81e7f46f5eb914a9c785bca52e4b6e8bf77bb1c4e573624d4d60026b6bc
 
IA-32:
openswan-2.6.24-8.el6_0.1.i686.rpm
File outdated by:  RHSA-2014:0185
    MD5: e7b3b85736fbe9d2e4b324b411ec8fea
SHA-256: 55526656f743cf0ce1fc0687e11b72a68125375d97178d90b9ee59c657b4e314
openswan-debuginfo-2.6.24-8.el6_0.1.i686.rpm
File outdated by:  RHSA-2014:0185
    MD5: e6ab3542abd8fe38ab58b7baa370ed7b
SHA-256: 60c1448d1d9e7a7aa86f93f8e7d3384234d2a1e7e775cda14d2784524cd3035d
openswan-doc-2.6.24-8.el6_0.1.i686.rpm
File outdated by:  RHSA-2014:0185
    MD5: 1ba36e11e542054ec79435b4cf3f892d
SHA-256: fa8ec6e86be124c9a7de72d16499c7030784aa9fda2593bb709f1f9465ba6324
 
x86_64:
openswan-2.6.24-8.el6_0.1.x86_64.rpm
File outdated by:  RHSA-2014:0185
    MD5: cd0331f22061a2f95f53cdd4b58decee
SHA-256: b7f2f53b5b976f372a9072ecad9c327dfbe5026f274708b8f0076a89e34b9467
openswan-debuginfo-2.6.24-8.el6_0.1.x86_64.rpm
File outdated by:  RHSA-2014:0185
    MD5: 8f6d481f5d08d16f9376024a6fe92ad3
SHA-256: a00b7cbda30828fd7983d7b44d66f5ab1d237397f62a233c5ad83c9bd9239dc3
openswan-doc-2.6.24-8.el6_0.1.x86_64.rpm
File outdated by:  RHSA-2014:0185
    MD5: 953cf1ac77522ffbed278e2c49d324a8
SHA-256: db1149909827e98fc74a544447086537e17d72e0f0bf1c21c7254f5af03ab24c
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

634264 - CVE-2010-3302 openswan: buffer overflow vulnerability in XAUTH client-side support
637924 - CVE-2010-3308 Openswan cisco banner option handling vulnerability
640711 - CVE-2010-3752 Openswan: Gateway arbitrary code execution via shell metacharacters in cisco_dns_info or cisco_domain_info data in packet
640715 - CVE-2010-3753 Openswan: Gateway arbitrary execution via shell metacharacters in the cisco_banner


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/