The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote attackers to cause a denial of service (pluto IKE daemon crash) via malformed ASN.1 data. NOTE: this is due to an incomplete fix for CVE-2009-2185.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Strongswan | Strongswan | 2.8.0 (including) | 2.8.0 (including) |
| Strongswan | Strongswan | 2.8.1 (including) | 2.8.1 (including) |
| Strongswan | Strongswan | 2.8.2 (including) | 2.8.2 (including) |
| Strongswan | Strongswan | 2.8.3 (including) | 2.8.3 (including) |
| Strongswan | Strongswan | 2.8.4 (including) | 2.8.4 (including) |
| Strongswan | Strongswan | 2.8.5 (including) | 2.8.5 (including) |
| Strongswan | Strongswan | 2.8.6 (including) | 2.8.6 (including) |
| Strongswan | Strongswan | 2.8.7 (including) | 2.8.7 (including) |
| Strongswan | Strongswan | 2.8.8 (including) | 2.8.8 (including) |
| Strongswan | Strongswan | 2.8.10 (including) | 2.8.10 (including) |
| Strongswan | Strongswan | 4.2.0 (including) | 4.2.0 (including) |
| Strongswan | Strongswan | 4.2.1 (including) | 4.2.1 (including) |
| Strongswan | Strongswan | 4.2.2 (including) | 4.2.2 (including) |
| Strongswan | Strongswan | 4.2.3 (including) | 4.2.3 (including) |
| Strongswan | Strongswan | 4.2.10 (including) | 4.2.10 (including) |
| Strongswan | Strongswan | 4.2.11 (including) | 4.2.11 (including) |
| Strongswan | Strongswan | 4.2.12 (including) | 4.2.12 (including) |
| Strongswan | Strongswan | 4.2.13 (including) | 4.2.13 (including) |
| Strongswan | Strongswan | 4.2.14 (including) | 4.2.14 (including) |
| Strongswan | Strongswan | 4.2.15 (including) | 4.2.15 (including) |
| Strongswan | Strongswan | 4.2.16 (including) | 4.2.16 (including) |
| Strongswan | Strongswan | 4.3.0 (including) | 4.3.0 (including) |
| Strongswan | Strongswan | 4.3.1 (including) | 4.3.1 (including) |
| Strongswan | Strongswan | 4.3.2 (including) | 4.3.2 (including) |
| Strongswan | Ubuntu | hardy | * |
| Strongswan | Ubuntu | intrepid | * |
| Strongswan | Ubuntu | jaunty | * |
| Strongswan | Ubuntu | karmic | * |
References
- http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.3.x_asn1_length.patch
- http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.x.x_asn1_length.patch
- http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
- http://secunia.com/advisories/36922
- http://up2date.astaro.com/2009/08/up2date_7505_released.html
- http://www.debian.org/security/2009/dsa-1899
- http://www.openwall.com/lists/oss-security/2009/07/27/1
- http://www.vupen.com/english/advisories/2009/2247
- https://lists.strongswan.org/pipermail/announce/2009-July/000056.html
- http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.3.x_asn1_length.patch
- http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.x.x_asn1_length.patch
- http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
- http://secunia.com/advisories/36922
- http://up2date.astaro.com/2009/08/up2date_7505_released.html
- http://www.debian.org/security/2009/dsa-1899
- http://www.openwall.com/lists/oss-security/2009/07/27/1
- http://www.vupen.com/english/advisories/2009/2247
- https://lists.strongswan.org/pipermail/announce/2009-July/000056.html