exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2009-0790

Status Candidate

Overview

The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK Dead Peer Detection (DPD) IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD.

Related Files

Mandriva Linux Security Advisory 2013-231
Posted Sep 12, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-231 - Multiple vulnerabilities has been discovered and corrected in openswan. The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the in many distributions and the upstream version, this tool has been disabled. The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted R_U_THERE_ACK Dead Peer Detection IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD. Various other issues have also been addressed.

tags | advisory, remote, denial of service, arbitrary, local, vulnerability
systems | linux, mandriva
advisories | CVE-2008-4190, CVE-2009-0790, CVE-2009-2185, CVE-2011-4073, CVE-2013-2053
SHA-256 | fb07f53fcbc6401898ba4775ff34c35ba6bd0724b1aaf7b8955e48769191fdc6
Gentoo Linux Security Advisory 200909-5
Posted Sep 10, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200909-05 - Multiple vulnerabilities in the pluto IKE daemon of Openswan might allow remote attackers to cause a Denial of Service. Versions less than 2.4.15 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2009-0790, CVE-2009-2185
SHA-256 | dc82cd23ab45cea7322425270ef367bfb55a717c6478211749f633c797080928
Debian Linux Security Advisory 1760-1
Posted Apr 1, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1760-1 - Two vulnerabilities have been discovered in openswan, an IPSec implementation for linux.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2008-4190, CVE-2009-0790
SHA-256 | 2c2aa3345edfeb4b31239b8671abeebadc6d458161424f2e9b565f1d82a519da
Debian Linux Security Advisory 1759-1
Posted Apr 1, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1759-1 - Gerd v. Egidy discovered that the Pluto IKE daemon in strongswan, an IPSec implementation for linux, is prone to a denial of service attack via a malicious packet.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2009-0790
SHA-256 | e50f4c4bdee473b2d0a12ed6e6e7f625f317c6e610e2d3965a17d7d06d62af8d
strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux
Posted Mar 30, 2009
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: New server-side EAP RADIUS plugin. A vulnerability in Dead Peer Detection has been fixed. Other tweaks have been implemented.
tags | kernel, encryption
systems | linux
advisories | CVE-2009-0790
SHA-256 | 4ceadb0aa155d910f1986bd9f636d87644d75b68308d787fad07689d7bc0817f
Openswan / Strongswan Denial Of Service
Posted Mar 30, 2009
Authored by Paul Wouters

Openswan versions 2.6.20 and below and Strongswan versions 4.2.13 and below suffer from a Dead Peer Detection denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2009-0790
SHA-256 | f54e2eb6a321fda0ffc703dd3f3a2af930e2a7924acef3fa72d65f80e868505a
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close