Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:070-1: super-freeswan Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the super-freeswan package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:070-1 (super-freeswan).
Thomas Walpuski discovered a vulnerability in the X.509 handling of
super-freeswan, openswan, strongSwan, and FreeS/WAN with the X.509 patch
applied. This vulnerability allows an attacker to create their own Certificate
Authority and use it to impersonate the identity of a valid DN. In addition,
a second flaw in the CA checking code could cause an endless loop in certain
instances.
Mandrakesoft encourages all users who use FreeS/WAN or super-freeswan to upgrade
to the updated packages which are patched to correct these flaws.
Due to a build error, the super-freeswan packages did not include the pluto
program. The updated packages fix this error.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:070-1
Threat Level: High