CVE-2009-2185

Related Files

Mandriva Linux Security Advisory 2013-231

Posted Sep 12, 2013

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-231 - Multiple vulnerabilities has been discovered and corrected in openswan. The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the in many distributions and the upstream version, this tool has been disabled. The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted R_U_THERE_ACK Dead Peer Detection IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD. Various other issues have also been addressed.

tags | advisory, remote, denial of service, arbitrary, local, vulnerability

systems | linux, mandriva

advisories | CVE-2008-4190, CVE-2009-0790, CVE-2009-2185, CVE-2011-4073, CVE-2013-2053

SHA-256 | fb07f53fcbc6401898ba4775ff34c35ba6bd0724b1aaf7b8955e48769191fdc6

Download | Favorite | View

Mandriva Linux Security Advisory 2009-273

Posted Oct 14, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-273 - The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash) via an X.509 certificate with (1) crafted Relative Distinguished Names (RDNs), (2) a crafted UTCTIME string, or (3) a crafted GENERALIZEDTIME string. This update fixes this vulnerability.

tags | advisory, remote, denial of service

systems | linux, mandriva

advisories | CVE-2009-2185

SHA-256 | 9d23a6b9383f01080f2da75fcf3da43f385bd9c9bcc1955df907fc088ec8ed69

Download | Favorite | View

Debian Linux Security Advisory 1899-1

Posted Oct 2, 2009

Authored by Debian | Site debian.org

Debian Linux Security Advisory 1899-1 - Several remote vulnerabilities have been discovered in strongswan, an implementation of the IPSEC and IKE protocols.

tags | advisory, remote, vulnerability, protocol

systems | linux, debian

advisories | CVE-2009-1957, CVE-2009-1958, CVE-2009-2185, CVE-2009-2661

SHA-256 | 5a16cf35f56ccf5c3f540c745131cfd5b654a1639247c08323a854f9603d3373

Download | Favorite | View

Debian Linux Security Advisory 1898-1

Posted Oct 2, 2009

Authored by Debian | Site debian.org

Debian Linux Security Advisory 1898-1 - It was discovered that the pluto daemon in the openswan, an implementation of IPSEC and IKE, could crash when processing a crafted X.509 certificate.

tags | advisory

systems | linux, debian

advisories | CVE-2009-2185

SHA-256 | dcfced34b0416aa67a4b67e9662316ba344fcbd2048ab0da9180035dc94c6f8e

Download | Favorite | View

Gentoo Linux Security Advisory 200909-5

Posted Sep 10, 2009

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200909-05 - Multiple vulnerabilities in the pluto IKE daemon of Openswan might allow remote attackers to cause a Denial of Service. Versions less than 2.4.15 are affected.

tags | advisory, remote, denial of service, vulnerability

systems | linux, gentoo

advisories | CVE-2009-0790, CVE-2009-2185

SHA-256 | dc82cd23ab45cea7322425270ef367bfb55a717c6478211749f633c797080928

Download | Favorite | View