CVE-2013-7283

Name of the Vulnerable Software and Affected Versions libreswan version 3.6

Description A race condition exists in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan, which involves the /var/tmp/libreswan-nss-pwd temporary file. The impact and attack vectors of this issue are not specified.

Recommendations For libreswan version 3.6, consider restricting access to the /var/tmp/libreswan-nss-pwd temporary file as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.