Amazon Linux AMI : openswan (ALAS-2011-06)

medium Nessus Plugin ID 69565

Synopsis

The remote Amazon Linux AMI host is missing a security update.

Description

When an ISAKMP message with an invalid KEY_LENGTH attribute is received, the error handling function crashes on a NULL pointer dereference. Openswan automatically restarts the pluto IKE daemon but all ISAKMP state is lost. This vulnerability does NOT allow an attacker access to the system. This can be used to launch a denial of service attack by sending repeated IKE packets with the invalid key length attribute.

Solution

Run 'yum upgrade openswan' to upgrade your system.

See Also

http://www.openswan.org/download/CVE-2011-3380/CVE-2011-3380.txt

https://alas.aws.amazon.com/ALAS-2011-6.html

Plugin Details

Severity: Medium

ID: 69565

File Name: ala_ALAS-2011-06.nasl

Version: Revision: 1.4

Type: local

Agent: unix

Published: 9/4/2013

Updated: 1/30/2015

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:openswan, p-cpe:/a:amazon:linux:openswan-doc, cpe:/o:amazon:linux, p-cpe:/a:amazon:linux:openswan-debuginfo

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Patch Publication Date: 10/10/2011

Reference Information

CVE: CVE-2011-3380

ALAS: 2011-06

RHSA: 2011:1356