CVE-2011-4073 - Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 thr

CVE-2011-4073

Summary

Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 through 2.6.36 allows remote authenticated users to cause a denial of service (pluto IKE daemon crash) via vectors related to the (1) quick_outI1_continue and (2) quick_outI1 functions.

References

Vulnerable Configurations

cpe:2.3:a:xelerance:openswan:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.7:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.7:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.9:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.9:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.10:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.10:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.11:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.11:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.12:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.12:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.13:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.4.13:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.0:sbs4:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.0:sbs4:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.0:sbs5:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.0:sbs5:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.01:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.01:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.02:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.02:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.03:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.03:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.04:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.04:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.05:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.05:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.06:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.06:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.07:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.07:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.08:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.08:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.09:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.09:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.10:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.10:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.11:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.11:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.12:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.12:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.13:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.13:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.14:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.14:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.15:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.15:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.16:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.16:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.17:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.17:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.18:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.5.18:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.01:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.01:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.02:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.02:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.03:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.03:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.04:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.04:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.05:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.05:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.06:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.06:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.07:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.07:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.08:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.08:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.09:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.09:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.10:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.10:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.11:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.11:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.12:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.12:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.13:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.13:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.14:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.14:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.15:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.15:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.16:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.16:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.17:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.17:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.18:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.18:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.19:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.19:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.20:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.20:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.21:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.21:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.22:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.22:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.23:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.23:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.24:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.24:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.25:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.25:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.26:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.26:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.27:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.27:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.28:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.28:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.29:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.29:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.30:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.30:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.31:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.31:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.32:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.32:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.33:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.33:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.34:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.34:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.35:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.35:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.36:*:*:*:*:*:*:*
cpe:2.3:a:xelerance:openswan:2.6.36:*:*:*:*:*:*:*

CVSS

Base:	4.0 (as of 29-07-2019 - 14:24)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:S/C:N/I:N/A:P

redhat via4

advisories

bugzilla

id	748961
title	CVE-2011-4073 openswan: use-after-free vulnerability leads to DoS

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 6 is installed
oval oval:com.redhat.rhba:tst:20111656003

AND
comment openswan is earlier than 0:2.6.32-4.el6_1.4
oval oval:com.redhat.rhsa:tst:20111422001
comment openswan is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100892002

AND

comment openswan-doc is earlier than 0:2.6.32-4.el6_1.4
oval oval:com.redhat.rhsa:tst:20111422003
comment openswan-doc is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100892004

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005

AND
comment openswan is earlier than 0:2.6.21-5.el5_7.6
oval oval:com.redhat.rhsa:tst:20111422006
comment openswan is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20090402002

AND

comment openswan-doc is earlier than 0:2.6.21-5.el5_7.6
oval oval:com.redhat.rhsa:tst:20111422008
comment openswan-doc is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20090402004

rhsa

id	RHSA-2011:1422
released	2011-11-02
severity	Moderate
title	RHSA-2011:1422: openswan security update (Moderate)

rpms

openswan-0:2.6.21-5.el5_7.6
openswan-0:2.6.32-4.el6_1.4
openswan-debuginfo-0:2.6.21-5.el5_7.6
openswan-debuginfo-0:2.6.32-4.el6_1.4
openswan-doc-0:2.6.21-5.el5_7.6
openswan-doc-0:2.6.32-4.el6_1.4

refmap via4

bid	50440
confirm	http://www.openswan.org/download/CVE-2011-4073/CVE-2011-4073.txt
debian	DSA-2374
sectrack	1026268
secunia	46678 46681 47342

Last major update

29-07-2019 - 14:24

Published

17-11-2011 - 19:55

Last modified

29-07-2019 - 14:24