Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 372961 (CVE-2011-2147)

Summary: <net-misc/openswan-2.6.37: DOS (CVE-2011-2147)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: mrness
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B4 [glsa]
Package list:
Runtime testing required: ---
Bug Depends on: 389097    
Bug Blocks:    

Description GLSAMaker/CVETool Bot gentoo-dev 2011-06-25 12:19:00 UTC 
CVE-2011-2147 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2147):
  Openswan 2.2.x does not properly restrict permissions for (1)
  /var/run/starter.pid, related to starter.c in the IPsec starter, and (2)
  /var/lock/subsys/ipsec, which allows local users to kill arbitrary processes
  by writing a PID to a file, or possibly bypass disk quotas by writing
  arbitrary data to a file, as demonstrated by files with 0666 permissions, a
  different vulnerability than CVE-2011-1784.
Comment 1 Sean Amoss (RETIRED) gentoo-dev Security 2012-03-06 21:13:04 UTC 
Adding to GLSA request with bug 389097.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2012-03-16 11:15:23 UTC 
This issue was resolved and addressed in
 GLSA 201203-13 at http://security.gentoo.org/glsa/glsa-201203-13.xml
by GLSA coordinator Sean Amoss (ackle).