Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9221

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-9221
Last Modified 02 Apr 2015 09:59:45
Published 07 Jan 2015 02:59:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-9221

Summary

strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025.

Vulnerable Systems

Application

  • Strongswan 4.5.0

  • Strongswan 4.5.1

  • Strongswan 4.5.2

  • Strongswan 4.5.3

  • Strongswan 4.6.0

  • Strongswan 4.6.1

  • Strongswan 4.6.2

  • Strongswan 4.6.3

  • Strongswan 4.6.4

  • Strongswan 5.0.0

  • Strongswan 5.0.1

  • Strongswan 5.0.2

  • Strongswan 5.0.3

  • Strongswan 5.0.4

  • Strongswan 5.1.0

  • Strongswan 5.1.1

  • Strongswan 5.1.2

  • Strongswan 5.1.3

  • Strongswan 5.2.0


References

UBUNTU - USN-2450-1

DEBIAN - DSA-3118

CONFIRM - http://strongswan.org/blog/2015/01/05/strongswan-denial-of-service-vulnerability-(cve-2014-9221).html

CONFIRM - http://strongswan.org/blog/2015/01/05/strongswan-5.2.2-released.html

SECUNIA - 62095

SECUNIA - 62071

SECUNIA - 62663

SUSE - openSUSE-SU-2015:0114

FEDORA - FEDORA-2015-3043


Last Updated: 27 May 2016 11:07:28