CVE-2009-0790: Input Validation
First published: Wed Apr 01 2009(Updated: )
The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK Dead Peer Detection (DPD) IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| strongSwan | =2.4.3 | |
| strongSwan | =2.4.2 | |
| strongSwan | =2.8.0 | |
| strongSwan | =4.2.6 | |
| strongSwan | =2.8.1 | |
| strongSwan | =2.4.4 | |
| strongSwan | =2.6.0 | |
| strongSwan | =4.2.12 | |
| strongSwan | =4.2.10 | |
| strongSwan | =2.8.8 | |
| strongSwan | =2.8.4 | |
| strongSwan | =4.2.9 | |
| strongSwan | =2.6.2 | |
| strongSwan | =2.4.0 | |
| strongSwan | =2.8.3 | |
| strongSwan | =4.2.3 | |
| strongSwan | =4.2.5 | |
| strongSwan | =4.2.8 | |
| strongSwan | =4.2.0 | |
| strongSwan | =2.6.1 | |
| strongSwan | =4.2.1 | |
| strongSwan | =2.8.7 | |
| strongSwan | =2.4.1 | |
| strongSwan | =4.2.13 | |
| strongSwan | =2.8.6 | |
| strongSwan | =4.2.11 | |
| strongSwan | =4.2.4 | |
| strongSwan | =2.6.4 | |
| strongSwan | =2.4.0a | |
| strongSwan | =4.2.7 | |
| strongSwan | =4.2.2 | |
| strongSwan | =2.8.5 | |
| strongSwan | =2.8.2 | |
| strongSwan | =2.6.3 | |
| Openswan | =2.4.1 | |
| Openswan | =2.4.2 | |
| Openswan | =2.4.3 | |
| Openswan | =2.4.4 | |
| Openswan | =2.4.5 | |
| Openswan | =2.4.9 | |
| Openswan | =2.4.10 | |
| Openswan | =2.6.03 | |
| Openswan | =2.6.04 | |
| Openswan | =2.6.05 | |
| Openswan | =2.6.06 | |
| Openswan | =2.6.07 | |
| Openswan | =2.6.08 | |
| Openswan | =2.6.09 | |
| Openswan | =2.6.10 | |
| Openswan | =2.6.11 | |
| Openswan | =2.6.12 | |
| Openswan | =2.6.13 | |
| Openswan | =2.6.14 | |
| Openswan | =2.6.15 | |
| Openswan | =2.6.16 | |
| Openswan | =2.6.17 | |
| Openswan | =2.6.18 | |
| Openswan | =2.6.19 | |
| Openswan | =2.6.20 | |
| Openswan | =2.4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securitytracker.com/id?1021949
- http://secunia.com/advisories/34483
- http://www.securityfocus.com/bid/34296
- http://secunia.com/advisories/34472
- http://www.redhat.com/support/errata/RHSA-2009-0402.html
- http://download.strongswan.org/CHANGES4.txt
- http://secunia.com/advisories/34546
- http://secunia.com/advisories/34494
- http://www.openswan.org/CVE-2009-0790/CVE-2009-0790.txt
- http://www.debian.org/security/2009/dsa-1759
- http://www.debian.org/security/2009/dsa-1760
- http://www.securitytracker.com/id?1021950
- http://www.vupen.com/english/advisories/2009/0886
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49523
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11171
- http://www.securityfocus.com/archive/1/502270/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2009-0790?
CVE-2009-0790 is classified as a denial of service vulnerability that can lead to daemon crashes.
How do I fix CVE-2009-0790?
To resolve CVE-2009-0790, upgrade to Openswan or Strongswan versions 2.6.21 or higher, or 2.4.14 or higher respectively.
Which software is affected by CVE-2009-0790?
CVE-2009-0790 affects Openswan and Strongswan versions prior to 2.6.21 for Openswan and 2.4.14 for Strongswan.
What kind of attack can exploit CVE-2009-0790?
CVE-2009-0790 can be exploited by remote attackers sending specially crafted R_U_THERE or R_U_THERE_ACK packets.
Is there a known workaround for CVE-2009-0790?
There are no widely recommended workarounds for CVE-2009-0790 other than applying the necessary software updates.
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/strongswan
- canonical/strongswan
- version/strongswan/2.4.3
- version/strongswan/2.4.2
- version/strongswan/2.8.0
- version/strongswan/4.2.6
- version/strongswan/2.8.1
- version/strongswan/2.4.4
- version/strongswan/2.6.0
- version/strongswan/4.2.12
- version/strongswan/4.2.10
- version/strongswan/2.8.8
- version/strongswan/2.8.4
- version/strongswan/4.2.9
- version/strongswan/2.6.2
- version/strongswan/2.4.0
- version/strongswan/2.8.3
- version/strongswan/4.2.3
- version/strongswan/4.2.5
- version/strongswan/4.2.8
- version/strongswan/4.2.0
- version/strongswan/2.6.1
- version/strongswan/4.2.1
- version/strongswan/2.8.7
- version/strongswan/2.4.1
- version/strongswan/4.2.13
- version/strongswan/2.8.6
- version/strongswan/4.2.11
- version/strongswan/4.2.4
- version/strongswan/2.6.4
- version/strongswan/2.4.0a
- version/strongswan/4.2.7
- version/strongswan/4.2.2
- version/strongswan/2.8.5
- version/strongswan/2.8.2
- version/strongswan/2.6.3
- vendor/xelerance
- canonical/openswan
- version/openswan/2.4.1
- version/openswan/2.4.2
- version/openswan/2.4.3
- version/openswan/2.4.4
- version/openswan/2.4.5
- version/openswan/2.4.9
- version/openswan/2.4.10
- version/openswan/2.6.03
- version/openswan/2.6.04
- version/openswan/2.6.05
- version/openswan/2.6.06
- version/openswan/2.6.07
- version/openswan/2.6.08
- version/openswan/2.6.09
- version/openswan/2.6.10
- version/openswan/2.6.11
- version/openswan/2.6.12
- version/openswan/2.6.13
- version/openswan/2.6.14
- version/openswan/2.6.15
- version/openswan/2.6.16
- version/openswan/2.6.17
- version/openswan/2.6.18
- version/openswan/2.6.19
- version/openswan/2.6.20
- version/openswan/2.4.0