Candidate: CVE-2010-3308
PublicDate: 2010-10-05 22:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3308
 http://www.openswan.org/download/CVE-2010-3308/CVE-2010-3308.txt
Description:
 Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.26
 through 2.6.28 might allow remote authenticated gateways to execute
 arbitrary code or cause a denial of service via a long cisco_banner (aka
 server_banner) field.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_openswan:
 upstream: http://www.openswan.org/download/CVE-2010-3308/openswan-2.6.26-2.6.28-CVE-2010-330x.patch
upstream_openswan: released (2.6.29)
dapper_openswan: ignored (reached end-of-life)
hardy_openswan: not-affected
jaunty_openswan: ignored (reached end-of-life)
karmic_openswan: ignored (reached end-of-life)
lucid_openswan: not-affected (1:2.6.23+dfsg-1ubuntu1)
maverick_openswan: ignored (reached end-of-life)
natty_openswan: not-affected (1:2.6.28+dfsg-2)
oneiric_openswan: not-affected (1:2.6.28+dfsg-2)
devel_openswan: not-affected (1:2.6.37-1)