Candidate: CVE-2008-4551
PublicDate: 2008-10-14 20:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4551
Description:
 strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of
 service (daemon crash) via an IKE_SA_INIT message with a large number of
 NULL values in a Key Exchange payload, which triggers a NULL pointer
 dereference for the return value of the mpz_export function in the GNU
 Multiprecision Library (GMP).
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_strongswan:
upstream_strongswan: released (4.2.4-5)
dapper_strongswan: DNE
gutsy_strongswan: needed (reached end-of-life)
hardy_strongswan: ignored (reached end-of-life)
intrepid_strongswan: not-affected (4.2.4-5ubuntu1)
jaunty_strongswan: not-affected
karmic_strongswan: not-affected
lucid_strongswan: not-affected
maverick_strongswan: not-affected
natty_strongswan: not-affected
oneiric_strongswan: not-affected
devel_strongswan: not-affected