CVE-2009-2661
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote attackers to cause a denial of service (pluto IKE daemon crash) via malformed ASN.1 data. NOTE: this is due to an incomplete fix for CVE-2009-2185.
La función asn1_length en strongSwan 2.8 antes de 2.8.11, 4.2 antes de 4.2.17 y 4.3 antes de 4.3.3 no maneja adecuadamente certificados X.509 con Relative Distinguished Names (RDNs) modificados, lo que permite a atacantes remotos provocar una denegación de servicio (caída del demonio pluto IKE) mediante datos ASN.1 malformados. NOTA: Esto es debido a una solución incompleta de CVE-2009-2185.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-08-04 CVE Reserved
- 2009-08-04 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-310: Cryptographic Issues
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.3.x_asn1_length.patch | X_refsource_confirm | |
| http://secunia.com/advisories/36922 | Third Party Advisory | |
| http://up2date.astaro.com/2009/08/up2date_7505_released.html | X_refsource_confirm | |
| http://www.openwall.com/lists/oss-security/2009/07/27/1 | Mailing List |
|
| http://www.vupen.com/english/advisories/2009/2247 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.x.x_asn1_length.patch | 2009-11-24 | |
| https://lists.strongswan.org/pipermail/announce/2009-July/000056.html | 2009-11-24 |
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html | 2009-11-24 | |
| http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html | 2009-11-24 | |
| http://www.debian.org/security/2009/dsa-1899 | 2009-11-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 2.8.0 Search vendor "Strongswan" for product "Strongswan" and version "2.8.0" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 2.8.1 Search vendor "Strongswan" for product "Strongswan" and version "2.8.1" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 2.8.2 Search vendor "Strongswan" for product "Strongswan" and version "2.8.2" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 2.8.3 Search vendor "Strongswan" for product "Strongswan" and version "2.8.3" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 2.8.4 Search vendor "Strongswan" for product "Strongswan" and version "2.8.4" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 2.8.5 Search vendor "Strongswan" for product "Strongswan" and version "2.8.5" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 2.8.6 Search vendor "Strongswan" for product "Strongswan" and version "2.8.6" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 2.8.7 Search vendor "Strongswan" for product "Strongswan" and version "2.8.7" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 2.8.8 Search vendor "Strongswan" for product "Strongswan" and version "2.8.8" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 2.8.10 Search vendor "Strongswan" for product "Strongswan" and version "2.8.10" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 4.2.0 Search vendor "Strongswan" for product "Strongswan" and version "4.2.0" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 4.2.1 Search vendor "Strongswan" for product "Strongswan" and version "4.2.1" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 4.2.2 Search vendor "Strongswan" for product "Strongswan" and version "4.2.2" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 4.2.3 Search vendor "Strongswan" for product "Strongswan" and version "4.2.3" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 4.2.10 Search vendor "Strongswan" for product "Strongswan" and version "4.2.10" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 4.2.11 Search vendor "Strongswan" for product "Strongswan" and version "4.2.11" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 4.2.12 Search vendor "Strongswan" for product "Strongswan" and version "4.2.12" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 4.2.13 Search vendor "Strongswan" for product "Strongswan" and version "4.2.13" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 4.2.14 Search vendor "Strongswan" for product "Strongswan" and version "4.2.14" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 4.2.15 Search vendor "Strongswan" for product "Strongswan" and version "4.2.15" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 4.2.16 Search vendor "Strongswan" for product "Strongswan" and version "4.2.16" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 4.3.0 Search vendor "Strongswan" for product "Strongswan" and version "4.3.0" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 4.3.1 Search vendor "Strongswan" for product "Strongswan" and version "4.3.1" | - |
Affected
| ||||||
| Strongswan Search vendor "Strongswan" | Strongswan Search vendor "Strongswan" for product "Strongswan" | 4.3.2 Search vendor "Strongswan" for product "Strongswan" and version "4.3.2" | - |
Affected
| ||||||