CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
AI Score
Confidence
Low
EPSS
Percentile
83.9%
Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 through 2.6.36 allows remote authenticated users to cause a denial of service (pluto IKE daemon crash) via vectors related to the (1) quick_outI1_continue and (2) quick_outI1 functions.
Vendor | Product | Version | CPE |
---|---|---|---|
xelerance | openswan | 2.3.0 | cpe:2.3:a:xelerance:openswan:2.3.0:*:*:*:*:*:*:* |
xelerance | openswan | 2.3.1 | cpe:2.3:a:xelerance:openswan:2.3.1:*:*:*:*:*:*:* |
xelerance | openswan | 2.4.0 | cpe:2.3:a:xelerance:openswan:2.4.0:*:*:*:*:*:*:* |
xelerance | openswan | 2.4.1 | cpe:2.3:a:xelerance:openswan:2.4.1:*:*:*:*:*:*:* |
xelerance | openswan | 2.4.2 | cpe:2.3:a:xelerance:openswan:2.4.2:*:*:*:*:*:*:* |
xelerance | openswan | 2.4.3 | cpe:2.3:a:xelerance:openswan:2.4.3:*:*:*:*:*:*:* |
xelerance | openswan | 2.4.4 | cpe:2.3:a:xelerance:openswan:2.4.4:*:*:*:*:*:*:* |
xelerance | openswan | 2.4.5 | cpe:2.3:a:xelerance:openswan:2.4.5:*:*:*:*:*:*:* |
xelerance | openswan | 2.4.6 | cpe:2.3:a:xelerance:openswan:2.4.6:*:*:*:*:*:*:* |
xelerance | openswan | 2.4.7 | cpe:2.3:a:xelerance:openswan:2.4.7:*:*:*:*:*:*:* |