PT-2011-1179 · Openswan · Openswan

Helpermn · Published 2011-05-20 · Updated 2017-08-29 · CVE-2011-2147

CVSS v2.0: 4.0 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Openswan versions 2.2.x through 2.6.37

Description

The issue is related to improper permission restrictions in Openswan, specifically on the files /var/run/starter.pid and /var/lock/subsys/ipsec. This could allow local users to kill arbitrary processes or bypass disk quotas by writing to these files. The vulnerability can be exploited remotely by an authenticated attacker, potentially leading to disruption of protected information.

Recommendations

For Openswan versions 2.2.x through 2.6.37, consider restricting access to the /var/run/starter.pid and /var/lock/subsys/ipsec files to prevent unauthorized modifications. As a temporary workaround, restrict write permissions to these files until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2015-09437
CVE-2011-2147

Affected Products

Openswan