CVE Vulnerabilities

CVE-2005-0162

Published: Jan 26, 2005 | Modified: Jul 29, 2019
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code.

Affected Software

Name Vendor Start Version End Version
Openswan Openswan * 1.0.9 (including)
Openswan Xelerance 2.3.0 (including) 2.3.0 (including)
Openswan Ubuntu devel *

References