cpe:2.3:a:strongswan:strongswan:2.5.2:*:*:*:*:*:*:*
charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE_AUTH request without a (1) TSi or (2) TSr traffic selector.
Max CVSS
5.0
EPSS Score
5.97%
Published
2009-06-08
Updated
2009-10-14
charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid IKE_SA_INIT request that triggers "an incomplete state," followed by a CREATE_CHILD_SA request.
Max CVSS
5.0
EPSS Score
10.62%
Published
2009-06-08
Updated
2009-10-14
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!