CVE-2014-2891

2014-05-0710:55:06

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

High

EPSS

0.044

Percentile

92.4%

JSON

strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.

Affected configurations

Nvd

Node

debianstrongswanRange≤5.1.2

strongswanstrongswanRange≤5.1.1

strongswanstrongswanMatch5.0.0

strongswanstrongswanMatch5.0.1

strongswanstrongswanMatch5.0.2

strongswanstrongswanMatch5.0.3

strongswanstrongswanMatch5.0.4

strongswanstrongswanMatch5.1.0

VendorProductVersionCPE
debianstrongswan*cpe:2.3:a:debian:strongswan:*:*:*:*:*:*:*:*
strongswanstrongswan*cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*:*
strongswanstrongswan5.0.0cpe:2.3:a:strongswan:strongswan:5.0.0:*:*:*:*:*:*:*
strongswanstrongswan5.0.1cpe:2.3:a:strongswan:strongswan:5.0.1:*:*:*:*:*:*:*
strongswanstrongswan5.0.2cpe:2.3:a:strongswan:strongswan:5.0.2:*:*:*:*:*:*:*
strongswanstrongswan5.0.3cpe:2.3:a:strongswan:strongswan:5.0.3:*:*:*:*:*:*:*
strongswanstrongswan5.0.4cpe:2.3:a:strongswan:strongswan:5.0.4:*:*:*:*:*:*:*
strongswanstrongswan5.1.0cpe:2.3:a:strongswan:strongswan:5.1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
debian	strongswan	*	cpe:2.3:a:debian:strongswan::::::::
strongswan	strongswan	*	cpe:2.3:a:strongswan:strongswan::::::::
strongswan	strongswan	5.0.0	cpe:2.3:a:strongswan:strongswan:5.0.0:::::::*
strongswan	strongswan	5.0.1	cpe:2.3:a:strongswan:strongswan:5.0.1:::::::*
strongswan	strongswan	5.0.2	cpe:2.3:a:strongswan:strongswan:5.0.2:::::::*
strongswan	strongswan	5.0.3	cpe:2.3:a:strongswan:strongswan:5.0.3:::::::*
strongswan	strongswan	5.0.4	cpe:2.3:a:strongswan:strongswan:5.0.4:::::::*
strongswan	strongswan	5.1.0	cpe:2.3:a:strongswan:strongswan:5.1.0:::::::*