CVE-2009-0790 — Improper Input Validation in Strongswan

CWE-20 — Improper Input Validation6 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

10.9%

top 6.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Strongswan Debian Strongswan Xelerance Openswan

Timeline

PublishedApr 1

Latest updateMay 2

Description

The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK Dead Peer Detection (DPD) IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

▶debiandebian/strongswan< strongswan 4.2.14-1 (bookworm)

▶Debianstrongswan/strongswan< 4.2.14-1+3

▶NVDstrongswan/strongswan34 versions+33

▶NVDxelerance/openswan26 versions+25

Patches

Patch: www.debian.org ↗Patch: www.debian.org ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-xf8f-c2h7-7qmc: The pluto IKE daemon in Openswan and Strongswan IPsec 2↗2022-05-02

▶

OSV

CVE-2009-0790: The pluto IKE daemon in Openswan and Strongswan IPsec 2↗2009-04-01

▶

📋Vendor Advisories

Red Hat

openswan: ISAKMP DPD remote DoS↗2009-03-30

▶

Debian

CVE-2009-0790: strongswan - The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 ...↗2009

▶

💬Community

Bugzilla

CVE-2009-0790 openswan: ISAKMP DPD remote DoS↗2009-03-24

▶