|
Message-ID: <Pine.GSO.4.51.0906061345480.28142@faron.mitre.org> Date: Sat, 6 Jun 2009 13:45:54 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: OSS-Security Mailinglist <oss-security@...ts.openwall.com> Subject: Re: CVE request: two denial of service bugs in strongswan ====================================================== Name: CVE-2009-1957 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1957 Reference: CONFIRM:http://download.strongswan.org/CHANGES4.txt Reference: CONFIRM:http://download.strongswan.org/patches/03_invalid_ike_state_patch/strongswan-4.x.x_invalid_ike_state.patch Reference: CONFIRM:http://download.strongswan.org/patches/03_invalid_ike_state_patch/strongswan-4.x.x_invalid_ike_state.readme charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid IKE_SA_INIT request that triggers "an incomplete state," followed by a CREATE_CHILD_SA request. ====================================================== Name: CVE-2009-1958 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1958 Reference: CONFIRM:http://download.strongswan.org/CHANGES4.txt Reference: CONFIRM:http://download.strongswan.org/patches/04_swapped_ts_check_patch/strongswan-4.x.x._swapped_ts_check.patch Reference: CONFIRM:http://download.strongswan.org/patches/04_swapped_ts_check_patch/strongswan-4.x.x._swapped_ts_check.readme charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE_AUTH request without a (1) TSi or (2) TSr traffic selector.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.