5

CVE-2014-9221

strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
StrongswanStrongswan Version4.5.0
StrongswanStrongswan Version4.5.1
StrongswanStrongswan Version4.5.2
StrongswanStrongswan Version4.5.3
StrongswanStrongswan Version4.6.0
StrongswanStrongswan Version4.6.1
StrongswanStrongswan Version4.6.2
StrongswanStrongswan Version4.6.3
StrongswanStrongswan Version4.6.4
StrongswanStrongswan Version5.0.0
StrongswanStrongswan Version5.0.1
StrongswanStrongswan Version5.0.2
StrongswanStrongswan Version5.0.3
StrongswanStrongswan Version5.0.4
StrongswanStrongswan Version5.1.0
StrongswanStrongswan Version5.1.1
StrongswanStrongswan Version5.1.2
StrongswanStrongswan Version5.1.3
StrongswanStrongswan Version5.2.0
OpensuseOpensuse Version13.1
OpensuseOpensuse Version13.2
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version14.10
FedoraprojectFedora Version21
DebianDebian Linux Version7.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.82% 0.887
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153825.html
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-01/msg00054.html
Third Party Advisory
http://secunia.com/advisories/62071
Third Party Advisory
Permissions Required
http://secunia.com/advisories/62083
http://secunia.com/advisories/62095
Third Party Advisory
Permissions Required
http://secunia.com/advisories/62663
Third Party Advisory
Permissions Required
http://strongswan.org/blog/2015/01/05/strongswan-5.2.2-released.html
Vendor Advisory
http://strongswan.org/blog/2015/01/05/strongswan-denial-of-service-vulnerability-%28cve-2014-9221%29.html
http://www.debian.org/security/2015/dsa-3118
Third Party Advisory
http://www.securityfocus.com/bid/71894
http://www.ubuntu.com/usn/USN-2450-1
Third Party Advisory