Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-4551HistoryOct 14, 2008 - 8:00 p.m.
CVE-2008-4551
2008-10-1420:00:01
Debian Security Bug Tracker
security-tracker.debian.org
11
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.025 Low
EPSS
Percentile
90.2%
strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via an IKE_SA_INIT message with a large number of NULL values in a Key Exchange payload, which triggers a NULL pointer dereference for the return value of the mpz_export function in the GNU Multiprecision Library (GMP).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | strongswan | < 4.2.4-5 | strongswan_4.2.4-5_all.deb |
| Debian | 11 | all | strongswan | < 4.2.4-5 | strongswan_4.2.4-5_all.deb |
| Debian | 10 | all | strongswan | < 4.2.4-5 | strongswan_4.2.4-5_all.deb |
| Debian | 999 | all | strongswan | < 4.2.4-5 | strongswan_4.2.4-5_all.deb |
| Debian | 13 | all | strongswan | < 4.2.4-5 | strongswan_4.2.4-5_all.deb |
Related
cvelist
cvelist
CVE-2008-4551
2008-10-14 19:00:00
openvas
openvas
SLES10: Security update for strongswan
2009-10-13 00:00:00
SLES10: Security update for strongswan
2009-10-13 00:00:00
nessus
nessus
openSUSE Security Update : strongswan (strongswan-255)
2009-07-21 00:00:00
SuSE 10 Security Update : strongswan (ZYPP Patch Number 5693)
2009-09-24 00:00:00
ubuntucve
ubuntucve
CVE-2008-4551
2008-10-14 00:00:00
nvd
nvd
CVE-2008-4551
2008-10-14 20:00:01
cve
cve
CVE-2008-4551
2008-10-14 20:00:01
prion
prion
Null pointer dereference
2008-10-14 20:00:00
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.025 Low
EPSS
Percentile
90.2%
Related for DEBIANCVE:CVE-2008-4551