← back
CVE-2009-2185

CVE-2009-2185

EPSS 2.7%
The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash) via an X.509 certificate with (1) crafted Relative Distinguished Names (RDNs), (2) a crafted UTCTIME string, or (3) a crafted GENERALIZEDTIME string.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://download.strongswan.org/CHANGES2.txthttp://download.strongswan.org/CHANGES42.txthttp://download.strongswan.org/CHANGES4.txthttp://secunia.com/advisories/35522http://secunia.com/advisories/35698http://secunia.com/advisories/35740http://secunia.com/advisories/35804http://secunia.com/advisories/36922http://secunia.com/advisories/36950http://secunia.com/advisories/37504https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11079https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00264.html