Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:4971
HistoryApr 01, 2009 - 12:00 a.m.

Openswan和strongSwan DPD报文远程拒绝服务漏洞

2009-04-0100:00:00
Root
www.seebug.org
14

0.907 High

EPSS

Percentile

98.5%

JSON

BUGTRAQ ID: 34296
CVE(CAN) ID: CVE-2009-0790

Openswan和strongSwan都是Linux系统下的IPSEC实现。

死亡对等体检测(DPD)是IPsec IKE通知消息,使用ICOOKIE/RCOOKIE机制将入站报文匹配到已知的安全关联(ISAKMP)。在一个端点的ISAKMP状态已过期但另一个端点仍在使用旧状态发送DPD通知的情况下,如果远程攻击者向Openswan和strongSwan发送了恶意的R_U_THERE或 R_U_THERE_ACK通知报文的话,就会在不存在的状态对象st上触发空指针引用,导致pluto IKE守护程序崩溃并重启。

由于这种状态查询是在加密或解密之前执行的,因此可无需经过phase1(ISAKMP)协商便触发这个漏洞。

Openswan Openswan < 2.6.21
strongSwan strongSwan < 4.2.14
厂商补丁:

Debian

Debian已经为此发布了一个安全公告(DSA-1759-1)以及相应补丁:
DSA-1759-1:New strongswan packages fix denial of service
链接:<a href=“http://www.debian.org/security/2009/dsa-1759” target=“_blank”>http://www.debian.org/security/2009/dsa-1759</a>

补丁下载:

Source archives:

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1.dsc” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1.dsc</a>
Size/MD5 checksum: 811 15760a0423c8cf0829c0f71d5424ab27
<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg.orig.tar.gz” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg.orig.tar.gz</a>
Size/MD5 checksum: 3155518 8b9ac905b9bcd41fb826e3d67e90a33d
<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1.diff.gz” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1.diff.gz</a>
Size/MD5 checksum: 57545 276bae2bae3230bcef527b44f3b9fb99

alpha architecture (DEC Alpha)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_alpha.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_alpha.deb</a>
Size/MD5 checksum: 1197696 7fc7c6438f1c2739373c193784934461

amd64 architecture (AMD x86_64 (AMD64))

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_amd64.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_amd64.deb</a>
Size/MD5 checksum: 1100438 4004ce8cfc2b2de41712a4d73a520de2

arm architecture (ARM)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_arm.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_arm.deb</a>
Size/MD5 checksum: 1070794 dc1e10007ea82d547591052d032e0216

hppa architecture (HP PA RISC)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_hppa.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_hppa.deb</a>
Size/MD5 checksum: 1136062 9f5996ea05d930e0a7a361336263be58

i386 architecture (Intel ia32)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_i386.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_i386.deb</a>
Size/MD5 checksum: 1051780 25b41b38e8698a6f61b3f4f523ca52c7

ia64 architecture (Intel ia64)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_ia64.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_ia64.deb</a>
Size/MD5 checksum: 1454480 19818a3ec7756710ea1abfdbd9ebadcc

mips architecture (MIPS (Big Endian))

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_mips.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_mips.deb</a>
Size/MD5 checksum: 1124636 be7189aac59d98fbec7a9bf9a5f7b74d

mipsel architecture (MIPS (Little Endian))

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_mipsel.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_mipsel.deb</a>
Size/MD5 checksum: 1130402 25bdc2ca2651db73a88f079902a35f43

powerpc architecture (PowerPC)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_powerpc.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_powerpc.deb</a>
Size/MD5 checksum: 1097994 e1eb29c9c4dd776259178308a6b40a04

s390 architecture (IBM S/390)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_s390.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_s390.deb</a>
Size/MD5 checksum: 1084268 90b6459bb59a264eaf1aa2b26ed82acd

sparc architecture (Sun SPARC/UltraSPARC)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_sparc.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_2.8.0+dfsg-1+etch1_sparc.deb</a>
Size/MD5 checksum: 1024106 9ad2a093d9efad364a0eb80a0f20057f

Debian GNU/Linux 5.0 alias lenny

Debian (stable)

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1.dsc” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1.dsc</a>
Size/MD5 checksum: 1310 c6dc3521aee080f275ea0f65ded35bca
<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1.diff.gz” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1.diff.gz</a>
Size/MD5 checksum: 57299 b6d1af4a7144d5289400f35dcd18eb5e
<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4.orig.tar.gz” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4.orig.tar.gz</a>
Size/MD5 checksum: 3295212 92ddfaedd6698bc6640927def271d476

alpha architecture (DEC Alpha)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_alpha.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_alpha.deb</a>
Size/MD5 checksum: 1301122 7c83dcbdcdb177e9bc83361d4c064f6d

amd64 architecture (AMD x86_64 (AMD64))

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_amd64.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_amd64.deb</a>
Size/MD5 checksum: 1178112 875f877f564c88b885ebf68be2478f0c

arm architecture (ARM)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_arm.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_arm.deb</a>
Size/MD5 checksum: 1034248 3c20d44508cc5255c3e6ad74cf9cac9c

armel architecture (ARM EABI)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_armel.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_armel.deb</a>
Size/MD5 checksum: 1034868 457ca8749ced0c177c5825ca953423e7

hppa architecture (HP PA RISC)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_hppa.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_hppa.deb</a>
Size/MD5 checksum: 1214270 353bde7aacb7e5a875ba8d715da70caa

i386 architecture (Intel ia32)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_i386.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_i386.deb</a>
Size/MD5 checksum: 1099806 02a117d38e15ecf3e0b2667985b7710e

ia64 architecture (Intel ia64)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_ia64.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_ia64.deb</a>
Size/MD5 checksum: 1615308 d0f1ed5581a772eecf3801a45d57ab95

mips architecture (MIPS (Big Endian))

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_mips.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_mips.deb</a>
Size/MD5 checksum: 1158540 656a66202077e4f55d24433af6ab3ce5

mipsel architecture (MIPS (Little Endian))

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_mipsel.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_mipsel.deb</a>
Size/MD5 checksum: 1157848 614cad1bdd081160a3fe74e3d1e4e902

powerpc architecture (PowerPC)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_powerpc.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_powerpc.deb</a>
Size/MD5 checksum: 1228470 6dbb9fa6379444c2f0cebba7fc417027

s390 architecture (IBM S/390)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_s390.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_s390.deb</a>
Size/MD5 checksum: 1258802 d92712a84cbb2d2c181546927d4f9f36

sparc architecture (Sun SPARC/UltraSPARC)

<a href=“http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_sparc.deb” target=“_blank”>http://security.debian.org/pool/updates/main/s/strongswan/strongswan_4.2.4-5+lenny1_sparc.deb</a>
Size/MD5 checksum: 1142494 cd69f7750be1e6cc0e83003e74480bde

补丁安装方法:

  1. 手工安装补丁包:

首先,使用下面的命令来下载补丁软件:

wget url (url是补丁下载链接地址)

然后,使用下面的命令来安装补丁:

dpkg -i file.deb (file是相应的补丁名)

  1. 使用apt-get自动安装补丁包:

    首先,使用下面的命令更新内部数据库:

    apt-get update

    然后,使用下面的命令安装更新软件包:

    apt-get upgrade

RedHat

RedHat已经为此发布了一个安全公告(RHSA-2009:0402-01)以及相应补丁:
RHSA-2009:0402-01:Important: openswan security update
链接:<a href=“https://www.redhat.com/support/errata/RHSA-2009-0402.html” target=“_blank”>https://www.redhat.com/support/errata/RHSA-2009-0402.html</a>

Openswan

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://www.openswan.org/CVE-2009-0790/” target=“_blank”>http://www.openswan.org/CVE-2009-0790/</a>

Related

prion 1
nessus 17
openvas 25
altlinux 3
debiancve 1
checkpoint_advisories 1
securityvulns 2
cve 1
debian 2
veracode 1
ubuntucve 1
fedora 1
osv 1
oraclelinux 1
centos 1
redhat 1
gentoo 1
prion
prion
Null pointer dereference
2009-04-01 10:30:00
nessus
nessus
openSUSE Security Update : openswan (openswan-687)
2009-07-21 00:00:00
SuSE 11 Security Update : strongswan (SAT Patch Number 677)
2009-09-24 00:00:00
openSUSE 10 Security Update : openswan (openswan-6119)
2009-04-08 00:00:00
openvas
openvas
SLES10: Security update for strongswan
2009-10-13 00:00:00
Debian Security Advisory DSA 1759-1 (strongswan)
2009-04-06 00:00:00
SLES11: Security update for openswan
2009-10-11 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package strongswan version 4.2.14-alt1
2009-05-13 00:00:00
Security fix for the ALT Linux 6 package strongswan version 4.2.14-alt1
2009-05-13 00:00:00
Security fix for the ALT Linux 5 package strongswan version 4.2.14-alt1
2009-05-13 00:00:00
debiancve
debiancve
CVE-2009-0790
2009-04-01 10:30:00
checkpoint_advisories
checkpoint_advisories
OpenSwan and StrongSwan DPD Packet Remote Denial of Service - Ver2 (CVE-2009-0790)
2014-03-31 00:00:00
securityvulns
securityvulns
Openswan / Strongswan DoS
2009-04-01 00:00:00
CVE-2009-0790: ISAKMP DPD Remote Vulnerability with Openswan &amp; Strongswan IPsec
2009-04-01 00:00:00
cve
cve
CVE-2009-0790
2009-04-01 10:30:00
debian
debian
[SECURITY] [DSA 1759-1] New strongswan packages fix denial of service
2009-03-30 23:49:47
[SECURITY] [DSA 1760-1] New openswan packages fix denial of service
2009-03-30 23:50:09
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:31:21
ubuntucve
ubuntucve
CVE-2009-0790
2009-04-01 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: openswan-2.6.21-2.fc10
2009-07-11 16:56:13
osv
osv
openswan - denial of service
2009-03-30 00:00:00
oraclelinux
oraclelinux
openswan security update
2009-03-30 00:00:00
centos
centos
openswan security update
2009-04-09 10:33:25
redhat
redhat
(RHSA-2009:0402) Important: openswan security update
2009-03-30 00:00:00
gentoo
gentoo
Openswan: Denial of service
2009-09-09 00:00:00

0.907 High

EPSS

Percentile

98.5%

JSON
Related for SSV:4971
prion1nessus17openvas25altlinux3debiancve1checkpoint_advisories1securityvulns2cve1debian2veracode1ubuntucve1fedora1osv1oraclelinux1centos1redhat1gentoo1