Candidate: CVE-2009-1958
PublicDate: 2009-06-08 01:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1958
Description:
 charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before
 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows
 remote attackers to cause a denial of service via an IKE_AUTH request
 without a (1) TSi or (2) TSr traffic selector.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531612
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_strongswan:
 upstream: http://download.strongswan.org/patches/04_swapped_ts_check_patch/strongswan-4.x.x._swapped_ts_check.patch
upstream_strongswan: released (4.3.1)
dapper_strongswan: DNE
hardy_strongswan: ignored (reached end-of-life)
intrepid_strongswan: needs-triage (reached end-of-life)
jaunty_strongswan: ignored (reached end-of-life)
karmic_strongswan: not-affected (4.3.2-1)
lucid_strongswan: not-affected (4.3.2-1)
maverick_strongswan: not-affected (4.3.2-1)
natty_strongswan: not-affected (4.3.2-1)
oneiric_strongswan: not-affected (4.3.2-1)
devel_strongswan: not-affected (4.3.2-1)