[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250038

 
 

909

 
 

195843

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-9221Date: (C)2015-01-08   (M)2023-12-22


strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECUNIA-62071
SECUNIA-62083
SECUNIA-62095
SECUNIA-62663
BID-71894
DSA-3118
FEDORA-2015-3043
USN-2450-1
http://strongswan.org/blog/2015/01/05/strongswan-5.2.2-released.html
http://strongswan.org/blog/2015/01/05/strongswan-denial-of-service-vulnerability-%28cve-2014-9221%29.html
openSUSE-SU-2015:0114

CPE    24
cpe:/a:strongswan:strongswan:4.6.3
cpe:/a:strongswan:strongswan:4.6.2
cpe:/a:strongswan:strongswan:4.5.3
cpe:/a:strongswan:strongswan:4.6.1
...
CWE    1
CWE-19
OVAL    7
oval:org.secpod.oval:def:702346
oval:org.secpod.oval:def:108562
oval:org.secpod.oval:def:109457
oval:org.secpod.oval:def:109449
...

© SecPod Technologies