Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2891

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-2891
Last Modified 31 May 2014 12:33:09
Published 07 May 2014 06:55:06
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-2891

Summary

strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.

Vulnerable Systems

Application

  • Debian Strongswan 5.1.2

  • Strongswan 5.0.0

  • Strongswan 5.0.1

  • Strongswan 5.0.2

  • Strongswan 5.0.3

  • Strongswan 5.0.4

  • Strongswan 5.1.0

  • Strongswan 5.1.1


References

CONFIRM - http://www.strongswan.org/blog/2014/05/05/strongswan-denial-of-service-vulnerability-(cve-2014-2891).html

BID - 67212

DEBIAN - DSA-2922

SUSE - openSUSE-SU-2014:0700

SUSE - openSUSE-SU-2014:0697


Last Updated: 27 May 2016 11:05:26