Scientific Linux Security Update : openswan on SL5.x i386/x86_64
Medium Nessus Plugin ID 60611
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionMultiple insufficient input validation flaws were found in the way Openswan's pluto IKE daemon processed some fields of X.509 certificates. A remote attacker could provide a specially crafted X.509 certificate that would crash the pluto daemon. (CVE-2009-2185)
After installing this update, the ipsec service will be restarted automatically.
SolutionUpdate the affected openswan and / or openswan-doc packages.