Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x prior to 1.0.9, and Openswan 2.x prior to 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated malicious users to execute arbitrary code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xelerance openswan 2.3.0 |
||
openswan openswan |