Openswan versions 2.6.20 and below and Strongswan versions 4.2.13 and below suffer from a Dead Peer Detection denial of service vulnerability.
f54e2eb6a321fda0ffc703dd3f3a2af930e2a7924acef3fa72d65f80e868505a
strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.
4ceadb0aa155d910f1986bd9f636d87644d75b68308d787fad07689d7bc0817f