Intrusion Prevention

Openswan.DPD.DoS

Description

This indicates an attack on a denial of service vulnerability in Openswan.
The vulnerability is caused by an error when the vulnerable software handles a malicious DPD packet. It allows a remote attacker to crash the pluto daemon.

Affected Products

Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9

Impact

Denial of Service

Recommended Actions

Upgrade to a latest version, or apply the appropriate patch as listed at http://www.openswan.org/CVE-2009-0790/

CVE References

CVE-2009-0790