5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.834 High
EPSS
Percentile
98.4%
The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK Dead Peer Detection (DPD) IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | strongswan | <Β 4.2.14-1 | strongswan_4.2.14-1_all.deb |
Debian | 11 | all | strongswan | <Β 4.2.14-1 | strongswan_4.2.14-1_all.deb |
Debian | 10 | all | strongswan | <Β 4.2.14-1 | strongswan_4.2.14-1_all.deb |
Debian | 999 | all | strongswan | <Β 4.2.14-1 | strongswan_4.2.14-1_all.deb |
Debian | 13 | all | strongswan | <Β 4.2.14-1 | strongswan_4.2.14-1_all.deb |