5

CVE-2009-2661

EPSS 1.79%
Published 04.08.2009 16:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote attackers to cause a denial of service (pluto IKE daemon crash) via malformed ASN.1 data.  NOTE: this is due to an incomplete fix for CVE-2009-2185.

Affected products Warnungen 0 Metrics 2 CWE 0 References 13

Data is provided by the National Vulnerability Database (NVD)

Strongswan ≫ Strongswan Version2.8.0

Strongswan ≫ Strongswan Version2.8.1

Strongswan ≫ Strongswan Version2.8.2

Strongswan ≫ Strongswan Version2.8.3

Strongswan ≫ Strongswan Version2.8.4

Strongswan ≫ Strongswan Version2.8.5

Strongswan ≫ Strongswan Version2.8.6

Strongswan ≫ Strongswan Version2.8.7

Strongswan ≫ Strongswan Version2.8.8

Strongswan ≫ Strongswan Version2.8.10

Strongswan ≫ Strongswan Version4.2.0

Strongswan ≫ Strongswan Version4.2.1

Strongswan ≫ Strongswan Version4.2.2

Strongswan ≫ Strongswan Version4.2.3

Strongswan ≫ Strongswan Version4.2.10

Strongswan ≫ Strongswan Version4.2.11

Strongswan ≫ Strongswan Version4.2.12

Strongswan ≫ Strongswan Version4.2.13

Strongswan ≫ Strongswan Version4.2.14

Strongswan ≫ Strongswan Version4.2.15

Strongswan ≫ Strongswan Version4.2.16

Strongswan ≫ Strongswan Version4.3.0

Strongswan ≫ Strongswan Version4.3.1

Strongswan ≫ Strongswan Version4.3.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.79%	0.811

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html

http://secunia.com/advisories/36922

http://www.debian.org/security/2009/dsa-1899

http://up2date.astaro.com/2009/08/up2date_7505_released.html

http://www.vupen.com/english/advisories/2009/2247

http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.3.x_asn1_length.patch

http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.x.x_asn1_length.patch

Patch

http://www.openwall.com/lists/oss-security/2009/07/27/1

https://lists.strongswan.org/pipermail/announce/2009-July/000056.html

Patch

https://nvd.nist.gov/vuln/detail/CVE-2009-2661

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-2661

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-2661

EUVD