-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================================== Openswan & Strongswan Security Notification March 30, 2009 Remote DoS Vulnerability in Openswan & Strongswan IPsec CVE-2009-0790 ========================================================================== A vulnerability in the Dead Peer Detection (RFC-3706) code was found by Gerd v. Egidy of Intra2net AG affecting all Openswan and all Strongswan releases. A malicious (or expired ISAKMP) R_U_THERE or R_U_THERE_ACK Dead Peer Detection packet can cause the pluto IKE daemon to crash and restart. No authentication or encryption is required to trigger this bug. One spoofed UDP packet can cause the pluto IKE daemon to restart and be unresponsive for a few seconds while restarting. A patch was created by Paul Wouters for Openswan and Strongswan. This bug affects the following software releases: Current branches: Openswan-2.6.20 and earlier Strongswan-4.2.13 and earlier Maintenance mode branches: Openswan-2.4.13 and earlier Strongswan-2.8.8 and earlier End of Life branches: Superfreeswan-1.9x Openswan-1.x Openswan-2.0.x - 2.3.1 Openswan-2.5.x Everyone is strongly encouraged to upgrade to these minimum versions: openswan-2.6.21 strongswan-4.2.14 openswan-2.4.14 strongswan-2.8.9 If you cannot upgrade to a new version, please apply the appropriate patch as listed at http://www.openswan.org/CVE-2009-0790/ Dead Peer Detection is an IPsec IKE Notification message. It uses an ICOOKIE/RCOOKIE mechanism to match an incoming packet to a know Security Association (ISAKMP). Unlike most Notification messages, DPD notifications have no phase2 state association. Incorrect handling of this exception can cause a NULL pointer dereference on a non-existing state object 'st'. This bug is triggered in the case where one end has expired an ISAKMP state, but the other end still uses the old state to send a DPD Notification. Since this state-lookup is performed before any encryption or decryption takes place, as we need to find the proper ISAKMP to locate the cryptogrpahic key material used for decryption, this bug can be triggered without going through a phase1 (ISAKMP) negotiation. When such a packet is received, the pluto daemon crashes and restarts. Locations for downloading patches and source code: http://www.openswan.org/ http://www.strongswan.org/ ftp://ftp.openswan.org/openswan/ http://download1.strongswan.org/ ftp://ftp.openswan.fi/pub/openswan/ http://download2.strongswan.org/ Paul Wouters GPG key: 0xB5CC27E1 ========================================================================== -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iQEVAwUBSdDsnecYBqa1zCfhAQIgkQf9GGalx45xj5xmdXlSB/BZgRXhQW4fNWHp ZLLt5c40hOSvcmNfgYoIEz/QKpZPjfldvJ+c/08bAyAEQiHmmKkK+cFTlH1LtpDg 1f70lLrsziQ/eK1sQ9EYlFG4gbRfzjl1XZnnijAYvCAS1W12VSIU9gKN0YnHSCjH ndiGTxtYPEYhzm7QzraYPB28BqBqvdQcMMwbfTThjYHMowzt6fMzFEteCTqJ5YAT WgNbbbxBz1gNGssoiN4bv0YxaT+701OfKCdgJKKXs61We3twEQ2XKCi6l5Xw/lJe mrbVHYgUGy/ef70sN03O/vN5o+2If1n0Pib6usdeEcVA0L9RQOIW5A== =NxrM -----END PGP SIGNATURE-----