Mandrake Linux Security Advisory : super-freeswan (MDKSA-2004:070-1)

Critical Nessus Plugin ID 14820


The remote Mandrake Linux host is missing one or more security updates.


Thomas Walpuski discovered a vulnerability in the X.509 handling of super-freeswan, openswan, strongSwan, and FreeS/WAN with the X.509 patch applied. This vulnerability allows an attacker to create their own Certificate Authority, which in turn lets them impersonate the identity of a valid DN. In addition, a second flaw in the CA checking code could cause an endless loop in certain instances.

Mandrakesoft encourages all users of FreeS/WAN or super-freeswan to upgrade to the updated packages, which are patched to correct these flaws.

Update:

Due to a build error, the super-freeswan packages did not include the pluto program. The updated packages fix this error.


Update the affected super-freeswan and/or super-freeswan-doc packages.

Plugin Details

Severity: Critical

ID: 14820

File Name: mandrake_MDKSA-2004-070.nasl

Version: $Revision: 1.20 $

Type: local

Published: 2004/07/31

Modified: 2013/05/31

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:super-freeswan, p-cpe:/a:mandriva:linux:super-freeswan-doc, cpe:/o:mandrakesoft:mandrake_linux:10.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2004/09/20

Reference Information

CVE: CVE-2004-0590

MDKSA: 2004:070-1