Scientific Linux Security Update : openswan on SL5.x, SL6.x i386/x86_64
Medium Nessus Plugin ID 72570
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionA NULL pointer dereference flaw was discovered in the way Openswan's IKE daemon processed IKEv2 payloads. A remote attacker could send specially crafted IKEv2 payloads that, when processed, would lead to a denial of service (daemon crash), possibly causing existing VPN connections to be dropped. (CVE-2013-6466)
SolutionUpdate the affected openswan, openswan-debuginfo and / or openswan-doc packages.