CVE-2009-0790

The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK Dead Peer Detection (DPD) IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
VendorProductVersion
strongswanstrongswan
2.4.0
strongswanstrongswan
2.4.0a:a
strongswanstrongswan
2.4.1
strongswanstrongswan
2.4.2
strongswanstrongswan
2.4.3
strongswanstrongswan
2.4.4
strongswanstrongswan
2.6.0
strongswanstrongswan
2.6.1
strongswanstrongswan
2.6.2
strongswanstrongswan
2.6.3
strongswanstrongswan
2.6.4
strongswanstrongswan
2.8.0
strongswanstrongswan
2.8.1
strongswanstrongswan
2.8.2
strongswanstrongswan
2.8.3
strongswanstrongswan
2.8.4
strongswanstrongswan
2.8.5
strongswanstrongswan
2.8.6
strongswanstrongswan
2.8.7
strongswanstrongswan
2.8.8
strongswanstrongswan
4.2.0
strongswanstrongswan
4.2.1
strongswanstrongswan
4.2.2
strongswanstrongswan
4.2.3
strongswanstrongswan
4.2.4
strongswanstrongswan
4.2.5
strongswanstrongswan
4.2.6
strongswanstrongswan
4.2.7
strongswanstrongswan
4.2.8
strongswanstrongswan
4.2.9
strongswanstrongswan
4.2.10
strongswanstrongswan
4.2.11
strongswanstrongswan
4.2.12
strongswanstrongswan
4.2.13
xeleranceopenswan
2.4.0
xeleranceopenswan
2.4.1
xeleranceopenswan
2.4.2
xeleranceopenswan
2.4.3
xeleranceopenswan
2.4.4
xeleranceopenswan
2.4.5
xeleranceopenswan
2.4.9
xeleranceopenswan
2.4.10
xeleranceopenswan
2.6.03
xeleranceopenswan
2.6.04
xeleranceopenswan
2.6.05
xeleranceopenswan
2.6.06
xeleranceopenswan
2.6.07
xeleranceopenswan
2.6.08
xeleranceopenswan
2.6.09
xeleranceopenswan
2.6.10
xeleranceopenswan
2.6.11
xeleranceopenswan
2.6.12
xeleranceopenswan
2.6.13
xeleranceopenswan
2.6.14
xeleranceopenswan
2.6.15
xeleranceopenswan
2.6.16
xeleranceopenswan
2.6.17
xeleranceopenswan
2.6.18
xeleranceopenswan
2.6.19
xeleranceopenswan
2.6.20
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
strongswan
bullseye (security)
5.9.1-1+deb11u4
fixed
bullseye
5.9.1-1+deb11u4
fixed
bookworm
5.9.8-5+deb12u1
fixed
bookworm (security)
5.9.8-5+deb12u1
fixed
sid
5.9.13-2
fixed
trixie
5.9.13-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openswan
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
ignored
intrepid
ignored
hardy
Fixed 1:2.4.9+dfsg-1ubuntu0.1
released
gutsy
ignored
dapper
ignored
strongswan
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
ignored
intrepid
ignored
hardy
ignored
gutsy
ignored
dapper
dne
Common Weakness Enumeration
References
http://download.strongswan.org/CHANGES4.txt
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
http://secunia.com/advisories/34472
http://secunia.com/advisories/34483
http://secunia.com/advisories/34494
http://secunia.com/advisories/34546
http://www.debian.org/security/2009/dsa-1759
http://www.debian.org/security/2009/dsa-1760
http://www.openswan.org/CVE-2009-0790/CVE-2009-0790.txt
http://www.redhat.com/support/errata/RHSA-2009-0402.html
http://www.securityfocus.com/archive/1/502270/100/0/threaded
http://www.securityfocus.com/bid/34296
http://www.securitytracker.com/id?1021949
http://www.securitytracker.com/id?1021950
http://www.vupen.com/english/advisories/2009/0886
https://exchange.xforce.ibmcloud.com/vulnerabilities/49523
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11171
http://download.strongswan.org/CHANGES4.txt
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
http://secunia.com/advisories/34472
http://secunia.com/advisories/34483
http://secunia.com/advisories/34494
http://secunia.com/advisories/34546
http://www.debian.org/security/2009/dsa-1759
http://www.debian.org/security/2009/dsa-1760
http://www.openswan.org/CVE-2009-0790/CVE-2009-0790.txt
http://www.redhat.com/support/errata/RHSA-2009-0402.html
http://www.securityfocus.com/archive/1/502270/100/0/threaded
http://www.securityfocus.com/bid/34296
http://www.securitytracker.com/id?1021949
http://www.securitytracker.com/id?1021950
http://www.vupen.com/english/advisories/2009/0886
https://exchange.xforce.ibmcloud.com/vulnerabilities/49523
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11171