QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2009-2185

Back to search

CVE-2009-2185

Published: Jun 24, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash) via an X.509 certificate with (1) crafted Relative Distinguished Names (RDNs), (2) a crafted UTCTIME string, or (3) a crafted GENERALIZEDTIME string.

VendorProductVersions

n/a

n/a

affected
n/a

References

ADV-2009-1639
vdb-entry
x_refsource_VUPEN
35740
third-party-advisory
x_refsource_SECUNIA
1022428
vdb-entry
x_refsource_SECTRACK
RHSA-2009:1138
vendor-advisory
x_refsource_REDHAT
ADV-2009-1706
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:11079
vdb-entry
signature
x_refsource_OVAL
36950
third-party-advisory
x_refsource_SECUNIA
35522
third-party-advisory
x_refsource_SECUNIA
36922
third-party-advisory
x_refsource_SECUNIA
37504
third-party-advisory
x_refsource_SECUNIA
DSA-1899
vendor-advisory
x_refsource_DEBIAN
35452
vdb-entry
x_refsource_BID
DSA-1898
vendor-advisory
x_refsource_DEBIAN
ADV-2009-1829
vdb-entry
x_refsource_VUPEN
FEDORA-2009-7478
vendor-advisory
x_refsource_FEDORA
35698
third-party-advisory
x_refsource_SECUNIA
ADV-2009-3354
vdb-entry
x_refsource_VUPEN
FEDORA-2009-7423
vendor-advisory
x_refsource_FEDORA
35804
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now