Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2014-2891

Published: 25 April 2014

strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.

Notes

AuthorNote
jdstrand 
public commit but CVE assignment not public

Priority

Medium

Status

Package Release Status
strongswan
Launchpad, Ubuntu, Debian 		lucid Not vulnerable
(4.3.2-1.1ubuntu1)
precise Ignored
(end of life)
quantal Ignored
(end of life)
saucy Ignored
(end of life)
trusty Not vulnerable
(5.1.2-0ubuntu2)
upstream
Released (5.1.2)
utopic Not vulnerable
(5.1.2-0ubuntu2)
vivid Not vulnerable
(5.1.2-0ubuntu2)
wily Not vulnerable
(5.1.2-0ubuntu2)
xenial Not vulnerable
(5.1.2-0ubuntu2)
yakkety Not vulnerable
(5.1.2-0ubuntu2)
zesty Not vulnerable
(5.1.2-0ubuntu2)

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading