ID CVE-2014-2891
Summary strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.
References
Vulnerable Configurations
  • Debian StrongSwan 5.1.2
    cpe:2.3:a:debian:strongswan:5.1.2
  • StrongSwan 5.0.0
    cpe:2.3:a:strongswan:strongswan:5.0.0
  • StrongSwan 5.0.1
    cpe:2.3:a:strongswan:strongswan:5.0.1
  • StrongSwan 5.0.2
    cpe:2.3:a:strongswan:strongswan:5.0.2
  • StrongSwan 5.0.3
    cpe:2.3:a:strongswan:strongswan:5.0.3
  • StrongSwan 5.0.4
    cpe:2.3:a:strongswan:strongswan:5.0.4
  • StrongSwan strongSwan 5.1.0
    cpe:2.3:a:strongswan:strongswan:5.1.0
  • StrongSwan strongSwan 5.1.1
    cpe:2.3:a:strongswan:strongswan:5.1.1
CVSS
Base: 5.0 (as of 07-05-2014 - 13:01)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_STRONGSWAN-140514.NASL
    description This update fixes a NULL ptr dereference (DoS) via ID_DER_ASN1_DN ID payloads.
    last seen 2019-02-21
    modified 2014-06-16
    plugin id 76053
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76053
    title SuSE 11.3 Security Update : strongswan (SAT Patch Number 9251)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2922.NASL
    description A vulnerability has been found in the ASN.1 parser of strongSwan, an IKE/IPsec suite used to establish IPsec protected links. By sending a crafted ID_DER_ASN1_DN ID payload to a vulnerable pluto or charon daemon, a malicious remote user can provoke a NULL pointer dereference in the daemon parsing the identity, leading to a crash and a denial of service.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 73867
    published 2014-05-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73867
    title Debian DSA-2922-1 : strongswan - security update
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2015-1228-1.NASL
    description strongswan was updated to fix two security issues : An issue that could enable rogue servers to gain user credentials from a client in certain IKEv2 setups. (CVE-2015-4171) A bug in decoding ID_DER_ASN1_DN ID payloads that could be used for remote denial of service attacks. (CVE-2014-2891) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 84725
    published 2015-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=84725
    title SUSE SLES10 Security Update : strongswan (SUSE-SU-2015:1228-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-384.NASL
    description strongswan was fixed to correct two issues : - Fix for DoS vulnerability by a NULL pointer dereference (CVE-2014-2891). - Fix for a authentication bypass vulnerability in the IKEv2 code (CVE-2014-2338).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75367
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75367
    title openSUSE Security Update : strongswan (openSUSE-SU-2014:0697-1)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201412-26.NASL
    description The remote host is affected by the vulnerability described in GLSA-201412-26 (strongSwan: Multiple Vulnerabilities) A NULL pointer dereference and an error in the IKEv2 implementation have been found in strongSwan. Impact : A remote attacker could create a Denial of Service condition or bypass security restrictions. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 79979
    published 2014-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79979
    title GLSA-201412-26 : strongSwan: Multiple Vulnerabilities
refmap via4
bid 67212
confirm http://www.strongswan.org/blog/2014/05/05/strongswan-denial-of-service-vulnerability-(cve-2014-2891).html
debian DSA-2922
secunia 59864
suse
  • openSUSE-SU-2014:0697
  • openSUSE-SU-2014:0700
Last major update 06-01-2017 - 21:59
Published 07-05-2014 - 06:55
Last modified 13-08-2018 - 17:47
Back to Top