Openswan IPsec Livetest Insecure Temporary File Creation Vulnerability

Bugtraq ID: 31243
Class: Design Error
CVE: CVE-2008-4190
Remote: No
Local: Yes
Published: Aug 24 2008 12:00AM
Updated: Sep 16 2013 12:12AM
Credit: Dmitry E. Oboukhov
Vulnerable: Red Hat Fedora 9
Red Hat Fedora 8
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux 5 Server
Openswan Openswan 2.6.16
Openswan Openswan 2.4.4
Openswan Openswan 2.4.2
Openswan Openswan 2.4
Openswan Openswan 2.3.1
Openswan Openswan 2.3
Openswan Openswan 2.2
Openswan Openswan 2.1.6
Openswan Openswan 2.1.5
+ Red Hat Fedora Core3
Openswan Openswan 2.1.4
Openswan Openswan 2.1.2
Openswan Openswan 2.1.1
Openswan Openswan 1.0.9
Openswan Openswan 1.0.8
Openswan Openswan 1.0.7
Openswan Openswan 1.0.6
Openswan Openswan 1.0.5
Openswan Openswan 1.0.4
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Gentoo Linux
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 armel
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Not Vulnerable: Openswan Openswan 2.6.20


 

Privacy Statement
Copyright 2010, SecurityFocus