Denial of Service Vulnerability in StrongSwan and OpenSwan Products
CVE-2009-2185

Currently unrated

Key Information:

Vendor

Strongswan

Status
Strongswan
Openswan
Vendor
CVE Published:
25 June 2009

What is CVE-2009-2185?

The vulnerability in the ASN.1 parser of StrongSwan and OpenSwan products allows remote attackers to trigger a denial of service condition. This is achieved by sending specially crafted X.509 certificates that contain manipulated Relative Distinguished Names (RDNs), improper UTCTIME strings, or altered GENERALIZEDTIME strings, leading to crashes in the pluto IKE daemon.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2009/1639
vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/35740
third-party-advisoryx_refsource_SECUNIA
http://www.ingate.com/Relnote.php?ver=481
x_refsource_CONFIRM

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.