CVE-2009-2185

Published: Jun 25, 2009Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash) via an X.509 certificate with (1) crafted Relative Distinguished Names (RDNs), (2) a crafted UTCTIME string, or (3) a crafted GENERALIZEDTIME string.

Affected (56)

Products: Strongswan: Strongswan · Xelerance: Openswan

1 product

1 product

Configuration A

56 vulnerable

Vulnerable Software	Affected Versions
Strongswan Strongswan	Version 2.8.0
Strongswan Strongswan	Version 2.8.10
Strongswan Strongswan	Version 2.8.1
Strongswan Strongswan	Version 2.8.2
Strongswan Strongswan	Version 2.8.3
Strongswan Strongswan	Version 2.8.4
Strongswan Strongswan	Version 2.8.5
Strongswan Strongswan	Version 2.8.6
Strongswan Strongswan	Version 2.8.7
Strongswan Strongswan	Version 2.8.8
Strongswan Strongswan	Version 2.8.9
Strongswan Strongswan	Version 4.1
Strongswan Strongswan	Version 4.2.0
Strongswan Strongswan	Version 4.2.10
Strongswan Strongswan	Version 4.2.11
Strongswan Strongswan	Version 4.2.12
Strongswan Strongswan	Version 4.2.13
Strongswan Strongswan	Version 4.2.14
Strongswan Strongswan	Version 4.2.15
Strongswan Strongswan	Version 4.2.1
Strongswan Strongswan	Version 4.2.2
Strongswan Strongswan	Version 4.2.3
Strongswan Strongswan	Version 4.2.4
Strongswan Strongswan	Version 4.2.5
Strongswan Strongswan	Version 4.2.6
Strongswan Strongswan	Version 4.2.7
Strongswan Strongswan	Version 4.2.8
Strongswan Strongswan	Version 4.2.9
Strongswan Strongswan	Version 4.3.0
Strongswan Strongswan	Version 4.3.1
Xelerance Openswan	Version 2.4.0
Xelerance Openswan	Version 2.4.10
Xelerance Openswan	Version 2.4.1
Xelerance Openswan	Version 2.4.2
Xelerance Openswan	Version 2.4.3
Xelerance Openswan	Version 2.4.4
Xelerance Openswan	Version 2.4.5
Xelerance Openswan	Version 2.4.9
Xelerance Openswan	Version 2.6.03
Xelerance Openswan	Version 2.6.04
Xelerance Openswan	Version 2.6.05
Xelerance Openswan	Version 2.6.06
Xelerance Openswan	Version 2.6.07
Xelerance Openswan	Version 2.6.08
Xelerance Openswan	Version 2.6.09
Xelerance Openswan	Version 2.6.10
Xelerance Openswan	Version 2.6.11
Xelerance Openswan	Version 2.6.12
Xelerance Openswan	Version 2.6.13
Xelerance Openswan	Version 2.6.14
Xelerance Openswan	Version 2.6.15
Xelerance Openswan	Version 2.6.16
Xelerance Openswan	Version 2.6.17
Xelerance Openswan	Version 2.6.18
Xelerance Openswan	Version 2.6.19
Xelerance Openswan	Version 2.6.20

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (48)

http://download.strongswan.org/CHANGES2.txt

Source: cve@mitre.org

Vendor Advisory

http://download.strongswan.org/CHANGES4.txt

Source: cve@mitre.org

Vendor Advisory

http://download.strongswan.org/CHANGES42.txt

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/35522

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/35698

Source: cve@mitre.org

http://secunia.com/advisories/35740

Source: cve@mitre.org

http://secunia.com/advisories/35804

Source: cve@mitre.org

http://secunia.com/advisories/36922

Source: cve@mitre.org

http://secunia.com/advisories/36950

Source: cve@mitre.org

http://secunia.com/advisories/37504

Source: cve@mitre.org

http://up2date.astaro.com/2009/07/up2date_7404_released.html

Source: cve@mitre.org

http://www.debian.org/security/2009/dsa-1898

Source: cve@mitre.org

http://www.debian.org/security/2009/dsa-1899

Source: cve@mitre.org

http://www.ingate.com/Relnote.php?ver=481

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2009-1138.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/35452

Source: cve@mitre.org

Patch

http://www.securitytracker.com/id?1022428

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/1639

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2009/1706

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/1829

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/3354

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11079

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00264.html

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00337.html

Source: cve@mitre.org

http://download.strongswan.org/CHANGES2.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://download.strongswan.org/CHANGES4.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://download.strongswan.org/CHANGES42.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/35522

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/35698

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35740

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35804

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/36922

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/36950

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/37504

Source: af854a3a-2127-422b-91ae-364da2661108

http://up2date.astaro.com/2009/07/up2date_7404_released.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2009/dsa-1898

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2009/dsa-1899

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ingate.com/Relnote.php?ver=481

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2009-1138.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/35452

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.securitytracker.com/id?1022428

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/1639

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/english/advisories/2009/1706

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/1829

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/3354

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11079

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00264.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00337.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.