Openswan 2.6.29 through 2.6.35 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto IKE daemon crash) via an ISAKMP message with an invalid KEY_LENGTH attribute, which is not properly handled by the error handling function.

Name | Vendor | Start Version | End Version |
---|---|---|---|
Openswan | Xelerance | 2.6.29 (including) | 2.6.29 (including) |
Openswan | Xelerance | 2.6.30 (including) | 2.6.30 (including) |
Openswan | Xelerance | 2.6.31 (including) | 2.6.31 (including) |
Openswan | Xelerance | 2.6.32 (including) | 2.6.32 (including) |
Openswan | Xelerance | 2.6.33 (including) | 2.6.33 (including) |
Openswan | Xelerance | 2.6.34 (including) | 2.6.34 (including) |
Openswan | Xelerance | 2.6.35 (including) | 2.6.35 (including) |
Red Hat Enterprise Linux 6 | RedHat | openswan-0:2.6.32-4.el6_1.2 | * |