• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

strongSwan Crafted X.509 Certificate Multiple Remote Denial Of Service Vulnerabilities

Bugtraq ID:	35452
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2009-2185 CVE-2009-2661
Remote:	Yes
Local:	No
Published:	Jun 18 2009 12:00AM
Updated:	Nov 12 2009 07:16PM
Credit:	Orange Labs vulnerability research team
Vulnerable:	SuSE openSUSE 11.0 SuSE openSUSE 10.3 SuSE Linux 9 SuSE Linux 11 SuSE Linux 10.0 strongSwan strongSwan 4.3.1 strongSwan strongSwan 4.3 strongSwan strongSwan 4.2.15 strongSwan strongSwan 4.2.14 strongSwan strongSwan 4.2.13 strongSwan strongSwan 4.2.7 strongSwan strongSwan 4.2.6 strongSwan strongSwan 4.1 strongSwan strongSwan 2.8.9 strongSwan strongSwan 2.8.8 S.u.S.E. SUSE Linux Enterprise Server 9 S.u.S.E. SUSE Linux Enterprise Server 11 + Linux kernel 2.6.5 S.u.S.E. SUSE Linux Enterprise Server 10 SP2 S.u.S.E. SLE 11 S.u.S.E. SLE 10 S.u.S.E. openSUSE 11.1 S.u.S.E. openSUSE 11.0 S.u.S.E. openSUSE 10.3 S.u.S.E. Novell Linux Desktop 9 RedHat Fedora 11 RedHat Fedora 10 RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux 5 server Openswan Openswan 2.6.21 Openswan Openswan 2.6.20 Openswan Openswan 2.6.16 Openswan Openswan 2.4.14 Openswan Openswan 2.4.13 Openswan Openswan 2.4.4 Openswan Openswan 2.4.2 Openswan Openswan 2.4 MandrakeSoft Multi Network Firewall 2.0 Gentoo Linux Debian Linux 5.0 sparc Debian Linux 5.0 s/390 Debian Linux 5.0 powerpc Debian Linux 5.0 mipsel Debian Linux 5.0 mips Debian Linux 5.0 m68k Debian Linux 5.0 ia-64 Debian Linux 5.0 ia-32 Debian Linux 5.0 hppa Debian Linux 5.0 armel Debian Linux 5.0 arm Debian Linux 5.0 amd64 Debian Linux 5.0 alpha Debian Linux 5.0 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 armel Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 Astaro Security Gateway 7.402
Not Vulnerable:	strongSwan strongSwan 4.3.3 strongSwan strongSwan 4.3.2 strongSwan strongSwan 4.2.17 strongSwan strongSwan 4.2.16 strongSwan strongSwan 2.8.11 strongSwan strongSwan 2.8.10 Openswan Openswan 2.6.22 Openswan Openswan 2.4.15 Astaro Security Gateway 7.405