CVE-2005-0162
Summary
| CVE | CVE-2005-0162 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2005-01-26 05:00:00 UTC |
| Updated | 2019-07-29 13:23:00 UTC |
| Description | Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SecurityTracker.com Archives - Openswan Pluto get_internal_addresses() Remote Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code | SECTRACK | securitytracker.com | |
| Xelerance Corporation Openswan XAUTH/PAM Remote Buffer Overflow Vulnerability | BID | www.securityfocus.com | |
| [SECURITY] Fedora Core 3 Update: openswan-2.1.5-2.FC3.1 | FEDORA | www.redhat.com | |
| 13195 | OSVDB | www.osvdb.org | |
| Accenture | Let there be change | IDEFENSE | www.idefense.com | Patch, Vendor Advisory |
| Secunia - Advisories - Openswan XAUTH/PAM Buffer Overflow Vulnerability | SECUNIA | secunia.com | |
| Secunia - Advisories - Fedora update for openswan | SECUNIA | secunia.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Openswan: IDEF0785 - Openswan XAUTH/PAM Buffer Overflow Vulnerability | CONFIRM | www.openswan.org | Patch, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.