CVE-2008-4190

Name of the Vulnerable Software and Affected Versions Openswan versions 2.4.12 and earlier Openswan versions 2.6.x through 2.6.16

Description The issue allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on temporary files, potentially leading to disruption of confidentiality, integrity, and availability of protected information. The exploitation can be carried out locally.

Recommendations For Openswan versions 2.4.12 and earlier, consider disabling the IPSEC livetest tool until a patch is available. For Openswan versions 2.6.x through 2.6.16, consider disabling the IPSEC livetest tool until a patch is available. As a temporary workaround, consider restricting access to the temporary files ipseclive.conn and ipsec.olts.remote.log to minimize the risk of exploitation.