4

CVE-2011-4073

Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 through 2.6.36 allows remote authenticated users to cause a denial of service (pluto IKE daemon crash) via vectors related to the (1) quick_outI1_continue and (2) quick_outI1 functions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
XeleranceOpenswan Version2.3.0
XeleranceOpenswan Version2.3.1
XeleranceOpenswan Version2.4.0
XeleranceOpenswan Version2.4.1
XeleranceOpenswan Version2.4.2
XeleranceOpenswan Version2.4.3
XeleranceOpenswan Version2.4.4
XeleranceOpenswan Version2.4.5
XeleranceOpenswan Version2.4.6
XeleranceOpenswan Version2.4.7
XeleranceOpenswan Version2.4.8
XeleranceOpenswan Version2.4.9
XeleranceOpenswan Version2.4.10
XeleranceOpenswan Version2.4.11
XeleranceOpenswan Version2.4.12
XeleranceOpenswan Version2.4.13
XeleranceOpenswan Version2.5.0
XeleranceOpenswan Version2.5.0 Updatesbs4
XeleranceOpenswan Version2.5.0 Updatesbs5
XeleranceOpenswan Version2.5.01
XeleranceOpenswan Version2.5.02
XeleranceOpenswan Version2.5.03
XeleranceOpenswan Version2.5.04
XeleranceOpenswan Version2.5.05
XeleranceOpenswan Version2.5.06
XeleranceOpenswan Version2.5.07
XeleranceOpenswan Version2.5.08
XeleranceOpenswan Version2.5.09
XeleranceOpenswan Version2.5.10
XeleranceOpenswan Version2.5.11
XeleranceOpenswan Version2.5.12
XeleranceOpenswan Version2.5.13
XeleranceOpenswan Version2.5.14
XeleranceOpenswan Version2.5.15
XeleranceOpenswan Version2.5.16
XeleranceOpenswan Version2.5.17
XeleranceOpenswan Version2.5.18
XeleranceOpenswan Version2.6.01
XeleranceOpenswan Version2.6.02
XeleranceOpenswan Version2.6.03
XeleranceOpenswan Version2.6.04
XeleranceOpenswan Version2.6.05
XeleranceOpenswan Version2.6.06
XeleranceOpenswan Version2.6.07
XeleranceOpenswan Version2.6.08
XeleranceOpenswan Version2.6.09
XeleranceOpenswan Version2.6.10
XeleranceOpenswan Version2.6.11
XeleranceOpenswan Version2.6.12
XeleranceOpenswan Version2.6.13
XeleranceOpenswan Version2.6.14
XeleranceOpenswan Version2.6.15
XeleranceOpenswan Version2.6.16
XeleranceOpenswan Version2.6.17
XeleranceOpenswan Version2.6.18
XeleranceOpenswan Version2.6.19
XeleranceOpenswan Version2.6.20
XeleranceOpenswan Version2.6.21
XeleranceOpenswan Version2.6.22
XeleranceOpenswan Version2.6.23
XeleranceOpenswan Version2.6.24
XeleranceOpenswan Version2.6.25
XeleranceOpenswan Version2.6.26
XeleranceOpenswan Version2.6.27
XeleranceOpenswan Version2.6.28
XeleranceOpenswan Version2.6.29
XeleranceOpenswan Version2.6.30
XeleranceOpenswan Version2.6.31
XeleranceOpenswan Version2.6.32
XeleranceOpenswan Version2.6.33
XeleranceOpenswan Version2.6.34
XeleranceOpenswan Version2.6.35
XeleranceOpenswan Version2.6.36
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.09% 0.793
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/46678
Vendor Advisory
http://secunia.com/advisories/46681
Vendor Advisory
http://secunia.com/advisories/47342
Vendor Advisory
http://www.debian.org/security/2011/dsa-2374
http://www.openswan.org/download/CVE-2011-4073/CVE-2011-4073.txt
http://www.redhat.com/support/errata/RHSA-2011-1422.html
http://www.securityfocus.com/bid/50440
http://www.securitytracker.com/id?1026268