charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE_AUTH request without a (1) TSi or (2) TSr traffic selector.

Several remote vulnerabilities have been discovered in strongswan, an implementation of the IPSEC and IKE protocols. The Common Vulnerabilities and Exposures project identifies the following problems :

  - CVE-2009-1957 CVE-2009-1958     The charon daemon can crash when processing certain     crafted IKEv2 packets. (The old stable distribution     (etch) was not affected by these two problems because it     lacks IKEv2 support.)

  - CVE-2009-2185 CVE-2009-2661     The pluto daemon could crash when processing a crafted     X.509 certificate.

This update fixes two denial of service bugs that can lead to a remote pre-auth crash while processing a IKE_SA_INIT or a IKE_AUTH request.
CVE-2009-1957 / CVE-2009-1958 have been assigned to this issue.

This update fixes two denial of service bugs that can lead to a remote pre-auth crash while processing a IKE_SA_INIT or a IKE_AUTH request.
CVE-2009-1957 and CVE-2009-1958 have been assigned to this issue.

ID	Name	Product	Family	Severity
44764	Debian DSA-1899-1 : strongswan - several vulnerabilities	Nessus	Debian Local Security Checks	medium
41587	SuSE 10 Security Update : strongswan (ZYPP Patch Number 6286)	Nessus	SuSE Local Security Checks	medium
41455	SuSE 11 Security Update : strongswan (SAT Patch Number 966)	Nessus	SuSE Local Security Checks	medium
40312	openSUSE Security Update : strongswan (strongswan-965)	Nessus	SuSE Local Security Checks	medium
40137	openSUSE Security Update : strongswan (strongswan-965)	Nessus	SuSE Local Security Checks	medium

Detections

Analytics

CVE-2009-1958

high

Tenable Plugins

medium

medium

medium

medium

medium