{"api_version":"1","generated_at":"2026-04-23T07:55:48+00:00","cve":"CVE-2008-4190","urls":{"html":"https://cve.report/CVE-2008-4190","api":"https://cve.report/api/cve/CVE-2008-4190.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2008-4190","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2008-4190"},"summary":{"title":"CVE-2008-4190","description":"The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files.  NOTE: in many distributions and the upstream version, this tool has been disabled.","state":"PUBLISHED","assigner":"mitre","published_at":"2008-09-24 11:42:25","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-59","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.4","severity":"","vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:P/A:P","baseScore":4.4,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://www.redhat.com/support/errata/RHSA-2009-0402.html","name":"http://www.redhat.com/support/errata/RHSA-2009-0402.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"access.redhat.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496374","name":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496374","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"#496374 - The possibility of attack with the help of symlinks in some Debian packages - Debian Bug report logs","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10078","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10078","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://dev.gentoo.org/~rbu/security/debiantemp/openswan","name":"http://dev.gentoo.org/~rbu/security/debiantemp/openswan","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"404 Not Found","mime":"text/html","httpstatus":"404","archivestatus":"404"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45250","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45250","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/34472","name":"http://secunia.com/advisories/34472","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Security Advisory SA34472 - Debian update for openswan - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2009/dsa-1760","name":"http://www.debian.org/security/2009/dsa-1760","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"Debian -- Security Information -- DSA-1760-1 openswan","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2008/10/30/2","name":"http://www.openwall.com/lists/oss-security/2008/10/30/2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"oss-security - CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugs.gentoo.org/show_bug.cgi?id=235770","name":"https://bugs.gentoo.org/show_bug.cgi?id=235770","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"235770 – (debian-tempfile) [Tracker] Tempfile issues found in Debian","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/501624/100/0/threaded","name":"http://www.securityfocus.com/archive/1/501624/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/501640/100/0/threaded","name":"http://www.securityfocus.com/archive/1/501640/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=460425","name":"https://bugzilla.redhat.com/show_bug.cgi?id=460425","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Bug 460425 – CVE-2008-4190 openswan: Insecure auxiliary /tmp file usage (symlink attack possible)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/31243","name":"http://www.securityfocus.com/bid/31243","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"Openswan IPsec Livetest Insecure Temporary File Creation Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://secunia.com/advisories/34182","name":"http://secunia.com/advisories/34182","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Gentoo update for openswan - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.exploit-db.com/exploits/9135","name":"https://www.exploit-db.com/exploits/9135","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Openswan <= 2.4.12/2.6.16 Insecure Temp File Creation Root Exploit","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2008-4190","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-4190","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openswan","cpe5":"openswan","cpe6":"1.0.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openswan","cpe5":"openswan","cpe6":"1.0.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openswan","cpe5":"openswan","cpe6":"1.0.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openswan","cpe5":"openswan","cpe6":"1.0.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openswan","cpe5":"openswan","cpe6":"1.0.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openswan","cpe5":"openswan","cpe6":"1.0.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openswan","cpe5":"openswan","cpe6":"2.1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openswan","cpe5":"openswan","cpe6":"2.1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openswan","cpe5":"openswan","cpe6":"2.1.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openswan","cpe5":"openswan","cpe6":"2.1.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openswan","cpe5":"openswan","cpe6":"2.1.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openswan","cpe5":"openswan","cpe6":"2.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openswan","cpe5":"openswan","cpe6":"2.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.4.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.4.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.4.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.4.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.4.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.4.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.4.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.4.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.4.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.4.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.4.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.6.03","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.6.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.6.05","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.6.06","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.6.07","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.6.08","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.6.09","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.6.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.6.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.6.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.6.13","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.6.14","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.6.15","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"4190","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xelerance","cpe5":"openswan","cpe6":"2.6.16","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[{"cvename":"CVE-2008-4190","organization":"Red Hat","lastmodified":"2009-03-30","contributor":"Joshua Bressers","statementText":"This issue has been addressed via: https://rhn.redhat.com/errata/RHSA-2009-0402.html","cve_year":"2008","cve_id":"4190","crc32":"9cd260a6"}],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T10:08:34.945Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"34472","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/34472"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=460425"},{"name":"[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2008/10/30/2"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugs.gentoo.org/show_bug.cgi?id=235770"},{"name":"20090309 Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/501624/100/0/threaded"},{"name":"34182","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/34182"},{"name":"20090310 Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/501640/100/0/threaded"},{"name":"oval:org.mitre.oval:def:10078","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10078"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://dev.gentoo.org/~rbu/security/debiantemp/openswan"},{"name":"31243","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/31243"},{"name":"9135","tags":["exploit","x_refsource_EXPLOIT-DB","x_transferred"],"url":"https://www.exploit-db.com/exploits/9135"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496374"},{"name":"RHSA-2009:0402","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2009-0402.html"},{"name":"openswan-livetest-symlink(45250)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45250"},{"name":"DSA-1760","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2009/dsa-1760"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2008-08-24T00:00:00.000Z","descriptions":[{"lang":"en","value":"The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files.  NOTE: in many distributions and the upstream version, this tool has been disabled."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-11T19:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"34472","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/34472"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=460425"},{"name":"[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2008/10/30/2"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugs.gentoo.org/show_bug.cgi?id=235770"},{"name":"20090309 Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/501624/100/0/threaded"},{"name":"34182","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/34182"},{"name":"20090310 Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/501640/100/0/threaded"},{"name":"oval:org.mitre.oval:def:10078","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10078"},{"tags":["x_refsource_CONFIRM"],"url":"http://dev.gentoo.org/~rbu/security/debiantemp/openswan"},{"name":"31243","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/31243"},{"name":"9135","tags":["exploit","x_refsource_EXPLOIT-DB"],"url":"https://www.exploit-db.com/exploits/9135"},{"tags":["x_refsource_CONFIRM"],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496374"},{"name":"RHSA-2009:0402","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2009-0402.html"},{"name":"openswan-livetest-symlink(45250)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45250"},{"name":"DSA-1760","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2009/dsa-1760"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2008-4190","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files.  NOTE: in many distributions and the upstream version, this tool has been disabled."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"34472","refsource":"SECUNIA","url":"http://secunia.com/advisories/34472"},{"name":"https://bugzilla.redhat.com/show_bug.cgi?id=460425","refsource":"CONFIRM","url":"https://bugzilla.redhat.com/show_bug.cgi?id=460425"},{"name":"[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire","refsource":"MLIST","url":"http://www.openwall.com/lists/oss-security/2008/10/30/2"},{"name":"https://bugs.gentoo.org/show_bug.cgi?id=235770","refsource":"CONFIRM","url":"https://bugs.gentoo.org/show_bug.cgi?id=235770"},{"name":"20090309 Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/501624/100/0/threaded"},{"name":"34182","refsource":"SECUNIA","url":"http://secunia.com/advisories/34182"},{"name":"20090310 Re: [ GLSA 200903-18 ] Openswan: Insecure temporary file creation","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/501640/100/0/threaded"},{"name":"oval:org.mitre.oval:def:10078","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10078"},{"name":"http://dev.gentoo.org/~rbu/security/debiantemp/openswan","refsource":"CONFIRM","url":"http://dev.gentoo.org/~rbu/security/debiantemp/openswan"},{"name":"31243","refsource":"BID","url":"http://www.securityfocus.com/bid/31243"},{"name":"9135","refsource":"EXPLOIT-DB","url":"https://www.exploit-db.com/exploits/9135"},{"name":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496374","refsource":"CONFIRM","url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496374"},{"name":"RHSA-2009:0402","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2009-0402.html"},{"name":"openswan-livetest-symlink(45250)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45250"},{"name":"DSA-1760","refsource":"DEBIAN","url":"http://www.debian.org/security/2009/dsa-1760"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2008-4190","datePublished":"2008-09-24T10:00:00.000Z","dateReserved":"2008-09-23T00:00:00.000Z","dateUpdated":"2024-08-07T10:08:34.945Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2008-09-24 11:42:25","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-59","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:P/A:P","baseScore":4.4,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openswan:openswan:1.0.4:*:*:*:*:*:*:*","matchCriteriaId":"83BD9C38-8D11-4A21-9A80-83D4D02ECC3C"},{"vulnerable":true,"criteria":"cpe:2.3:a:openswan:openswan:1.0.5:*:*:*:*:*:*:*","matchCriteriaId":"7BF7EA37-F5B2-4EBE-A959-29F559A47F47"},{"vulnerable":true,"criteria":"cpe:2.3:a:openswan:openswan:1.0.6:*:*:*:*:*:*:*","matchCriteriaId":"6C062450-8D41-4E0C-AEAD-6C51D9B8F107"},{"vulnerable":true,"criteria":"cpe:2.3:a:openswan:openswan:1.0.7:*:*:*:*:*:*:*","matchCriteriaId":"4D15B299-2298-4617-8CED-5F98C2E68D07"},{"vulnerable":true,"criteria":"cpe:2.3:a:openswan:openswan:1.0.8:*:*:*:*:*:*:*","matchCriteriaId":"F7FA0C68-A45A-42EB-9F1F-E911F32589BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:openswan:openswan:1.0.9:*:*:*:*:*:*:*","matchCriteriaId":"411E9D06-5756-4918-965C-3E83890F0316"},{"vulnerable":true,"criteria":"cpe:2.3:a:openswan:openswan:2.1.1:*:*:*:*:*:*:*","matchCriteriaId":"3A9EABDE-514F-42BA-A335-135209605981"},{"vulnerable":true,"criteria":"cpe:2.3:a:openswan:openswan:2.1.2:*:*:*:*:*:*:*","matchCriteriaId":"2425AF51-C42B-4EAA-A619-EE47EAFCBA83"},{"vulnerable":true,"criteria":"cpe:2.3:a:openswan:openswan:2.1.4:*:*:*:*:*:*:*","matchCriteriaId":"892D939B-4649-4B90-A2C0-6C2E4DDF7DFD"},{"vulnerable":true,"criteria":"cpe:2.3:a:openswan:openswan:2.1.5:*:*:*:*:*:*:*","matchCriteriaId":"1A321B57-5E08-48C8-9288-A92342770FD1"},{"vulnerable":true,"criteria":"cpe:2.3:a:openswan:openswan:2.1.6:*:*:*:*:*:*:*","matchCriteriaId":"54780B50-9CFE-43B6-8BB9-C7246F817773"},{"vulnerable":true,"criteria":"cpe:2.3:a:openswan:openswan:2.2:*:*:*:*:*:*:*","matchCriteriaId":"001E2700-CE33-495A-8F8A-81E2E550CFF2"},{"vulnerable":true,"criteria":"cpe:2.3:a:openswan:openswan:2.3:*:*:*:*:*:*:*","matchCriteriaId":"6A628FE6-A042-4DF9-A141-8BE65FD236C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.3.1:*:*:*:*:*:*:*","matchCriteriaId":"112D7B10-50E4-4903-9E34-DB4857D6C658"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.4.0:*:*:*:*:*:*:*","matchCriteriaId":"F7841F42-1226-43C4-A007-88847925D872"},{"vulnerable":false,"criteria":"cpe:2.3:a:xelerance:openswan:2.4.1:*:*:*:*:*:*:*","matchCriteriaId":"77930F86-13FF-4787-A39F-2D00110AFBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.4.2:*:*:*:*:*:*:*","matchCriteriaId":"7B1ADD64-2503-4EED-9F6F-E425A3406123"},{"vulnerable":false,"criteria":"cpe:2.3:a:xelerance:openswan:2.4.3:*:*:*:*:*:*:*","matchCriteriaId":"A3067BE9-4314-42BD-8131-89C4899F7D47"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.4.4:*:*:*:*:*:*:*","matchCriteriaId":"E00CA6E5-1F63-4D59-BA72-0F8697671718"},{"vulnerable":false,"criteria":"cpe:2.3:a:xelerance:openswan:2.4.5:*:*:*:*:*:*:*","matchCriteriaId":"C35A2049-8502-41F2-894E-E39AEBEB6816"},{"vulnerable":false,"criteria":"cpe:2.3:a:xelerance:openswan:2.4.6:*:*:*:*:*:*:*","matchCriteriaId":"1109A84D-1815-4A7B-8EDA-E493A1973224"},{"vulnerable":false,"criteria":"cpe:2.3:a:xelerance:openswan:2.4.7:*:*:*:*:*:*:*","matchCriteriaId":"B20531A3-F6F8-4FE1-9C0A-FDFABAC4C6AA"},{"vulnerable":false,"criteria":"cpe:2.3:a:xelerance:openswan:2.4.8:*:*:*:*:*:*:*","matchCriteriaId":"C9F212AE-D5B3-4A88-A1E6-00A13A0A2AD5"},{"vulnerable":false,"criteria":"cpe:2.3:a:xelerance:openswan:2.4.9:*:*:*:*:*:*:*","matchCriteriaId":"DD82E956-8C8E-4B38-9E82-4AA9AEFE6891"},{"vulnerable":false,"criteria":"cpe:2.3:a:xelerance:openswan:2.4.10:*:*:*:*:*:*:*","matchCriteriaId":"2D0F0EA4-A0DF-48CC-9B42-465A36945503"},{"vulnerable":false,"criteria":"cpe:2.3:a:xelerance:openswan:2.4.11:*:*:*:*:*:*:*","matchCriteriaId":"8945D2A7-B1C3-4981-B840-FB046AB6F4B6"},{"vulnerable":false,"criteria":"cpe:2.3:a:xelerance:openswan:2.4.12:*:*:*:*:*:*:*","matchCriteriaId":"338E969E-2CC6-44F3-A938-EE7131375AB8"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.6.03:*:*:*:*:*:*:*","matchCriteriaId":"78325087-599F-448B-8C47-570914FF6C59"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.6.04:*:*:*:*:*:*:*","matchCriteriaId":"059CFA5C-B262-47AF-94A6-8E74AFB19204"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.6.05:*:*:*:*:*:*:*","matchCriteriaId":"12F25627-235B-4312-80A4-4E36DE0E72A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.6.06:*:*:*:*:*:*:*","matchCriteriaId":"B3E70B88-6348-42BB-AE96-46BDB1F3C6FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.6.07:*:*:*:*:*:*:*","matchCriteriaId":"12A9DF25-48E8-4D52-A267-1BE0437E9000"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.6.08:*:*:*:*:*:*:*","matchCriteriaId":"C986533F-E320-46FA-A9F7-DAFDB1A0628A"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.6.09:*:*:*:*:*:*:*","matchCriteriaId":"7C77DED4-2696-4172-92B7-43034E61F845"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.6.10:*:*:*:*:*:*:*","matchCriteriaId":"2EDCCFDA-99A8-4590-99F1-95F3A5AD70B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.6.11:*:*:*:*:*:*:*","matchCriteriaId":"BED1BA7D-B603-49D4-9080-4A9FEC056A69"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.6.12:*:*:*:*:*:*:*","matchCriteriaId":"9E8EB86B-2DD9-4C4B-9C9A-E88B2C458C8B"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.6.13:*:*:*:*:*:*:*","matchCriteriaId":"207B98DB-5962-4F62-AF5B-D48EF0C0E2A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.6.14:*:*:*:*:*:*:*","matchCriteriaId":"DFB65639-AE3A-4984-93F9-2A8100DCEE6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.6.15:*:*:*:*:*:*:*","matchCriteriaId":"B8921D08-FBA3-4C0A-8944-362909C5EB6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:xelerance:openswan:2.6.16:*:*:*:*:*:*:*","matchCriteriaId":"3FBD5312-E44F-4996-AA29-AFED53A90E8E"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2008","CveId":"4190","Ordinal":"1","Title":"CVE-2008-4190","CVE":"CVE-2008-4190","Year":"2008"},"notes":[{"CveYear":"2008","CveId":"4190","Ordinal":"1","NoteData":"The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files.  NOTE: in many distributions and the upstream version, this tool has been disabled.","Type":"Description","Title":"CVE-2008-4190"},{"CveYear":"2008","CveId":"4190","Ordinal":"2","NoteData":"2008-09-24","Type":"Other","Title":"Published"},{"CveYear":"2008","CveId":"4190","Ordinal":"3","NoteData":"2018-10-11","Type":"Other","Title":"Modified"}]}}}