CVE-2009-2185
Last modified
CVE-2009-2185 is a vulnerability of currently unknown severity. The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash) via an X.509 certificate with (1) crafted Relative Distinguished Names (RDNs), (2) a crafted UTCTIME string, or (3) a crafted GENERALIZEDTIME string.. EPSS estimates a 2.71% chance of exploitation in the next 30 days.
Description
The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash) via an X.509 certificate with (1) crafted Relative Distinguished Names (RDNs), (2) a crafted UTCTIME string, or (3) a crafted GENERALIZEDTIME string.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Strongswan | Strongswan | 2.8.0 |
| Strongswan | Strongswan | 2.8.1 |
| Strongswan | Strongswan | 2.8.2 |
| Strongswan | Strongswan | 2.8.3 |
| Strongswan | Strongswan | 2.8.4 |
| Strongswan | Strongswan | 2.8.5 |
| Strongswan | Strongswan | 2.8.6 |
| Strongswan | Strongswan | 2.8.7 |
| Strongswan | Strongswan | 2.8.8 |
| Strongswan | Strongswan | 2.8.9 |
| Strongswan | Strongswan | 2.8.10 |
| Strongswan | Strongswan | 4.1 |
| Strongswan | Strongswan | 4.2.0 |
| Strongswan | Strongswan | 4.2.1 |
| Strongswan | Strongswan | 4.2.2 |
| Strongswan | Strongswan | 4.2.3 |
| Strongswan | Strongswan | 4.2.4 |
| Strongswan | Strongswan | 4.2.5 |
| Strongswan | Strongswan | 4.2.6 |
| Strongswan | Strongswan | 4.2.7 |
| Strongswan | Strongswan | 4.2.8 |
| Strongswan | Strongswan | 4.2.9 |
| Strongswan | Strongswan | 4.2.10 |
| Strongswan | Strongswan | 4.2.11 |
| Strongswan | Strongswan | 4.2.12 |
| Strongswan | Strongswan | 4.2.13 |
| Strongswan | Strongswan | 4.2.14 |
| Strongswan | Strongswan | 4.2.15 |
| Strongswan | Strongswan | 4.3.0 |
| Strongswan | Strongswan | 4.3.1 |
| Xelerance | Openswan | 2.4.0 |
| Xelerance | Openswan | 2.4.1 |
| Xelerance | Openswan | 2.4.2 |
| Xelerance | Openswan | 2.4.3 |
| Xelerance | Openswan | 2.4.4 |
| Xelerance | Openswan | 2.4.5 |
| Xelerance | Openswan | 2.4.9 |
| Xelerance | Openswan | 2.4.10 |
| Xelerance | Openswan | 2.6.03 |
| Xelerance | Openswan | 2.6.04 |
| Xelerance | Openswan | 2.6.05 |
| Xelerance | Openswan | 2.6.06 |
| Xelerance | Openswan | 2.6.07 |
| Xelerance | Openswan | 2.6.08 |
| Xelerance | Openswan | 2.6.09 |
| Xelerance | Openswan | 2.6.10 |
| Xelerance | Openswan | 2.6.11 |
| Xelerance | Openswan | 2.6.12 |
| Xelerance | Openswan | 2.6.13 |
| Xelerance | Openswan | 2.6.14 |
Showing 50 of 56 affected configurations. See NVD for the full list.
References
- http://download.strongswan.org/CHANGES2.txtVendor Advisory
- http://download.strongswan.org/CHANGES4.txtVendor Advisory
- http://download.strongswan.org/CHANGES42.txtVendor Advisory
- http://secunia.com/advisories/35522Vendor Advisory
- http://www.vupen.com/english/advisories/2009/1639Vendor Advisory
- http://download.strongswan.org/CHANGES2.txtVendor Advisory
- http://download.strongswan.org/CHANGES4.txtVendor Advisory
- http://download.strongswan.org/CHANGES42.txtVendor Advisory
- http://secunia.com/advisories/35522Vendor Advisory
- http://www.vupen.com/english/advisories/2009/1639Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-2185?
How severe is CVE-2009-2185?
How do I fix CVE-2009-2185?
Are you affected by CVE-2009-2185?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST