Lucene search

[email protected]NVD:CVE-2011-4073

HistoryNov 17, 2011 - 7:55 p.m.

CVE-2011-4073

2011-11-1719:55:01

CWE-399

[email protected]

web.nvd.nist.gov

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.9%

JSON

Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 through 2.6.36 allows remote authenticated users to cause a denial of service (pluto IKE daemon crash) via vectors related to the (1) quick_outI1_continue and (2) quick_outI1 functions.

Affected configurations

NVD

Node

xeleranceopenswanMatch2.3.0

xeleranceopenswanMatch2.3.1

xeleranceopenswanMatch2.4.0

xeleranceopenswanMatch2.4.1

xeleranceopenswanMatch2.4.2

xeleranceopenswanMatch2.4.3

xeleranceopenswanMatch2.4.4

xeleranceopenswanMatch2.4.5

xeleranceopenswanMatch2.4.6

xeleranceopenswanMatch2.4.7

xeleranceopenswanMatch2.4.8

xeleranceopenswanMatch2.4.9

xeleranceopenswanMatch2.4.10

xeleranceopenswanMatch2.4.11

xeleranceopenswanMatch2.4.12

xeleranceopenswanMatch2.4.13

xeleranceopenswanMatch2.5.0

xeleranceopenswanMatch2.5.0sbs4

xeleranceopenswanMatch2.5.0sbs5

xeleranceopenswanMatch2.5.01

xeleranceopenswanMatch2.5.02

xeleranceopenswanMatch2.5.03

xeleranceopenswanMatch2.5.04

xeleranceopenswanMatch2.5.05

xeleranceopenswanMatch2.5.06

xeleranceopenswanMatch2.5.07

xeleranceopenswanMatch2.5.08

xeleranceopenswanMatch2.5.09

xeleranceopenswanMatch2.5.10

xeleranceopenswanMatch2.5.11

xeleranceopenswanMatch2.5.12

xeleranceopenswanMatch2.5.13

xeleranceopenswanMatch2.5.14

xeleranceopenswanMatch2.5.15

xeleranceopenswanMatch2.5.16

xeleranceopenswanMatch2.5.17

xeleranceopenswanMatch2.5.18

xeleranceopenswanMatch2.6.01

xeleranceopenswanMatch2.6.02

xeleranceopenswanMatch2.6.03

xeleranceopenswanMatch2.6.04

xeleranceopenswanMatch2.6.05

xeleranceopenswanMatch2.6.06

xeleranceopenswanMatch2.6.07

xeleranceopenswanMatch2.6.08

xeleranceopenswanMatch2.6.09

xeleranceopenswanMatch2.6.10

xeleranceopenswanMatch2.6.11

xeleranceopenswanMatch2.6.12

xeleranceopenswanMatch2.6.13

xeleranceopenswanMatch2.6.14

xeleranceopenswanMatch2.6.15

xeleranceopenswanMatch2.6.16

xeleranceopenswanMatch2.6.17

xeleranceopenswanMatch2.6.18

xeleranceopenswanMatch2.6.19

xeleranceopenswanMatch2.6.20

xeleranceopenswanMatch2.6.21

xeleranceopenswanMatch2.6.22

xeleranceopenswanMatch2.6.23

xeleranceopenswanMatch2.6.24

xeleranceopenswanMatch2.6.25

xeleranceopenswanMatch2.6.26

xeleranceopenswanMatch2.6.27

xeleranceopenswanMatch2.6.28

xeleranceopenswanMatch2.6.29

xeleranceopenswanMatch2.6.30

xeleranceopenswanMatch2.6.31

xeleranceopenswanMatch2.6.32

xeleranceopenswanMatch2.6.33

xeleranceopenswanMatch2.6.34

xeleranceopenswanMatch2.6.35

xeleranceopenswanMatch2.6.36

References

secunia.com/advisories/46678

secunia.com/advisories/46681

secunia.com/advisories/47342

www.debian.org/security/2011/dsa-2374

www.openswan.org/download/CVE-2011-4073/CVE-2011-4073.txt

www.redhat.com/support/errata/RHSA-2011-1422.html

www.securityfocus.com/bid/50440

www.securitytracker.com/id?1026268

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.9%

JSON

Related for NVD:CVE-2011-4073

oraclelinux1 nessus13 openvas18 amazon1 veracode1 securityvulns2 osv1 cve1 debian3 cvelist1 centos1 prion1 redhat1 fedora3 ubuntucve1 gentoo1