Scientific Linux Security Update : libreswan on SL7.x x86_64
Medium Nessus Plugin ID 95845
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- A traffic amplification flaw was found in the Internet Key Exchange version 1 (IKEv1) protocol. A remote attacker could use a libreswan server with IKEv1 enabled in a network traffic amplification denial of service attack against other hosts on the network by sending UDP packets with a spoofed source address to that server.
Additional Changes :
SolutionUpdate the affected libreswan and / or libreswan-debuginfo packages.