Candidate: CVE-2010-3753
PublicDate: 2010-10-05 22:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3753
 http://www.openswan.org/download/CVE-2010-3308/CVE-2010-3308.txt
Description:
 programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28
 allows remote authenticated gateways to execute arbitrary commands via
 shell metacharacters in the cisco_banner (aka server_banner) field, a
 different vulnerability than CVE-2010-3308.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_openswan:
 upstream: http://www.openswan.org/download/CVE-2010-3308/openswan-2.6.26-2.6.28-CVE-2010-330x.patch
upstream_openswan: released (2.6.29)
dapper_openswan: ignored (reached end-of-life)
hardy_openswan: not-affected
jaunty_openswan: ignored (reached end-of-life)
karmic_openswan: ignored (reached end-of-life)
lucid_openswan: not-affected (1:2.6.23+dfsg-1ubuntu1)
maverick_openswan: ignored (reached end-of-life)
natty_openswan: not-affected (1:2.6.28+dfsg-2)
oneiric_openswan: not-affected (1:2.6.28+dfsg-2)
devel_openswan: not-affected (1:2.6.37-1)