what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 1 of 1

Files

Openswan / Strongswan Denial Of Service

Posted Mar 30, 2009

Authored by Paul Wouters

Openswan versions 2.6.20 and below and Strongswan versions 4.2.13 and below suffer from a Dead Peer Detection denial of service vulnerability.

tags | advisory, denial of service

advisories | CVE-2009-0790

SHA-256 | f54e2eb6a321fda0ffc703dd3f3a2af930e2a7924acef3fa72d65f80e868505a

Download | Favorite | View

Related Files

strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux

Posted Mar 30, 2009

Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: New server-side EAP RADIUS plugin. A vulnerability in Dead Peer Detection has been fixed. Other tweaks have been implemented.

tags | kernel, encryption

systems | linux

advisories | CVE-2009-0790

SHA-256 | 4ceadb0aa155d910f1986bd9f636d87644d75b68308d787fad07689d7bc0817f

Download | Favorite | View