Lucene search

[email protected]CVE-2009-2185

HistoryJun 25, 2009 - 2:00 a.m.

CVE-2009-2185

2009-06-2502:00:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2009-2185

asn.1 parser

strongswan

openswan

denial of service

remote attackers

x.509 certificate

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.1 High

AI Score

Confidence

High

0.075 Low

EPSS

Percentile

94.2%

JSON

The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash) via an X.509 certificate with (1) crafted Relative Distinguished Names (RDNs), (2) a crafted UTCTIME string, or (3) a crafted GENERALIZEDTIME string.

Affected configurations

NVD

Node

strongswanstrongswanMatch2.8.0

strongswanstrongswanMatch2.8.1

strongswanstrongswanMatch2.8.2

strongswanstrongswanMatch2.8.3

strongswanstrongswanMatch2.8.4

strongswanstrongswanMatch2.8.5

strongswanstrongswanMatch2.8.6

strongswanstrongswanMatch2.8.7

strongswanstrongswanMatch2.8.8

strongswanstrongswanMatch2.8.9

strongswanstrongswanMatch2.8.10

strongswanstrongswanMatch4.1

strongswanstrongswanMatch4.2.0

strongswanstrongswanMatch4.2.1

strongswanstrongswanMatch4.2.2

strongswanstrongswanMatch4.2.3

strongswanstrongswanMatch4.2.4

strongswanstrongswanMatch4.2.5

strongswanstrongswanMatch4.2.6

strongswanstrongswanMatch4.2.7

strongswanstrongswanMatch4.2.8

strongswanstrongswanMatch4.2.9

strongswanstrongswanMatch4.2.10

strongswanstrongswanMatch4.2.11

strongswanstrongswanMatch4.2.12

strongswanstrongswanMatch4.2.13

strongswanstrongswanMatch4.2.14

strongswanstrongswanMatch4.2.15

strongswanstrongswanMatch4.3.0

strongswanstrongswanMatch4.3.1

xeleranceopenswanMatch2.4.0

xeleranceopenswanMatch2.4.1

xeleranceopenswanMatch2.4.2

xeleranceopenswanMatch2.4.3

xeleranceopenswanMatch2.4.4

xeleranceopenswanMatch2.4.5

xeleranceopenswanMatch2.4.9

xeleranceopenswanMatch2.4.10

xeleranceopenswanMatch2.6.03

xeleranceopenswanMatch2.6.04

xeleranceopenswanMatch2.6.05

xeleranceopenswanMatch2.6.06

xeleranceopenswanMatch2.6.07

xeleranceopenswanMatch2.6.08

xeleranceopenswanMatch2.6.09

xeleranceopenswanMatch2.6.10

xeleranceopenswanMatch2.6.11

xeleranceopenswanMatch2.6.12

xeleranceopenswanMatch2.6.13

xeleranceopenswanMatch2.6.14

xeleranceopenswanMatch2.6.15

xeleranceopenswanMatch2.6.16

xeleranceopenswanMatch2.6.17

xeleranceopenswanMatch2.6.18

xeleranceopenswanMatch2.6.19

xeleranceopenswanMatch2.6.20

CPENameOperatorVersion
strongswan:strongswanstrongswaneq2.8.0
strongswan:strongswanstrongswaneq2.8.1
strongswan:strongswanstrongswaneq2.8.2
strongswan:strongswanstrongswaneq2.8.3
strongswan:strongswanstrongswaneq2.8.4
strongswan:strongswanstrongswaneq2.8.5
strongswan:strongswanstrongswaneq2.8.6
strongswan:strongswanstrongswaneq2.8.7
strongswan:strongswanstrongswaneq2.8.8
strongswan:strongswanstrongswaneq2.8.9

CPE	Name	Operator	Version
strongswan:strongswan	strongswan	eq	2.8.0
strongswan:strongswan	strongswan	eq	2.8.1
strongswan:strongswan	strongswan	eq	2.8.2
strongswan:strongswan	strongswan	eq	2.8.3
strongswan:strongswan	strongswan	eq	2.8.4
strongswan:strongswan	strongswan	eq	2.8.5
strongswan:strongswan	strongswan	eq	2.8.6
strongswan:strongswan	strongswan	eq	2.8.7
strongswan:strongswan	strongswan	eq	2.8.8
strongswan:strongswan	strongswan	eq	2.8.9