CVE-2009-0790 - Vulnerability Details

The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK Dead Peer Detection (DPD) IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Enterprise Linux
Strongswan	Strongswan
Xelerance	Openswan

Configuration 1 [-]

OR	cpe:2.3:a:strongswan:strongswan:2.4.0:::::::*
	cpe:2.3:a:strongswan:strongswan:2.4.0a:::::::*
	cpe:2.3:a:strongswan:strongswan:2.4.1:::::::*
	cpe:2.3:a:strongswan:strongswan:2.4.2:::::::*
	cpe:2.3:a:strongswan:strongswan:2.4.3:::::::*
	cpe:2.3:a:strongswan:strongswan:2.4.4:::::::*
	cpe:2.3:a:strongswan:strongswan:2.6.0:::::::*
	cpe:2.3:a:strongswan:strongswan:2.6.1:::::::*
	cpe:2.3:a:strongswan:strongswan:2.6.2:::::::*
	cpe:2.3:a:strongswan:strongswan:2.6.3:::::::*
	cpe:2.3:a:strongswan:strongswan:2.6.4:::::::*
	cpe:2.3:a:strongswan:strongswan:2.8.0:::::::*
	cpe:2.3:a:strongswan:strongswan:2.8.1:::::::*
	cpe:2.3:a:strongswan:strongswan:2.8.2:::::::*
	cpe:2.3:a:strongswan:strongswan:2.8.3:::::::*
	cpe:2.3:a:strongswan:strongswan:2.8.4:::::::*
	cpe:2.3:a:strongswan:strongswan:2.8.5:::::::*
	cpe:2.3:a:strongswan:strongswan:2.8.6:::::::*
	cpe:2.3:a:strongswan:strongswan:2.8.7:::::::*
	cpe:2.3:a:strongswan:strongswan:2.8.8:::::::*
	cpe:2.3:a:strongswan:strongswan:4.2.0:::::::*
	cpe:2.3:a:strongswan:strongswan:4.2.1:::::::*
	cpe:2.3:a:strongswan:strongswan:4.2.2:::::::*
	cpe:2.3:a:strongswan:strongswan:4.2.3:::::::*
	cpe:2.3:a:strongswan:strongswan:4.2.4:::::::*
	cpe:2.3:a:strongswan:strongswan:4.2.5:::::::*
	cpe:2.3:a:strongswan:strongswan:4.2.6:::::::*
	cpe:2.3:a:strongswan:strongswan:4.2.7:::::::*
	cpe:2.3:a:strongswan:strongswan:4.2.8:::::::*
	cpe:2.3:a:strongswan:strongswan:4.2.9:::::::*
	cpe:2.3:a:strongswan:strongswan:4.2.10:::::::*
	cpe:2.3:a:strongswan:strongswan:4.2.11:::::::*
	cpe:2.3:a:strongswan:strongswan:4.2.12:::::::*
	cpe:2.3:a:strongswan:strongswan:4.2.13:::::::*
	cpe:2.3:a:xelerance:openswan:2.4.0:::::::*
	cpe:2.3:a:xelerance:openswan:2.4.1:::::::*
	cpe:2.3:a:xelerance:openswan:2.4.2:::::::*
	cpe:2.3:a:xelerance:openswan:2.4.3:::::::*
	cpe:2.3:a:xelerance:openswan:2.4.4:::::::*
	cpe:2.3:a:xelerance:openswan:2.4.5:::::::*
	cpe:2.3:a:xelerance:openswan:2.4.9:::::::*
	cpe:2.3:a:xelerance:openswan:2.4.10:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.03:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.04:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.05:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.06:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.07:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.08:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.09:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.10:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.11:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.12:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.13:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.14:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.15:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.16:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.17:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.18:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.19:::::::*
	cpe:2.3:a:xelerance:openswan:2.6.20:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 5
openswan-0:2.6.14-1.el5_3.2	cpe:/o:redhat:enterprise_linux:5	RHSA-2009:0402	2009-03-30T00:00:00Z

References

Link	Providers
http://download.strongswan.org/CHANGES4.txt
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
http://secunia.com/advisories/34472
http://secunia.com/advisories/34483
http://secunia.com/advisories/34494
http://secunia.com/advisories/34546
http://www.debian.org/security/2009/dsa-1759
http://www.debian.org/security/2009/dsa-1760
http://www.openswan.org/CVE-2009-0790/CVE-2009-0790.txt
http://www.redhat.com/support/errata/RHSA-2009-0402.html
http://www.securityfocus.com/archive/1/502270/100/0/threaded
http://www.securityfocus.com/bid/34296
http://www.securitytracker.com/id?1021949
http://www.securitytracker.com/id?1021950
http://www.vupen.com/english/advisories/2009/0886
https://exchange.xforce.ibmcloud.com/vulnerabilities/49523
https://nvd.nist.gov/vuln/detail/CVE-2009-0790
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11171
https://www.cve.org/CVERecord?id=CVE-2009-0790

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2009-04-01T10:00:00

Updated: 2024-08-07T04:48:52.007Z

Reserved: 2009-03-04T00:00:00

Link: CVE-2009-0790

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2009-04-01T10:30:00.267

Modified: 2025-04-09T00:30:58.490

Link: CVE-2009-0790

Redhat

Severity : Important

Publid Date: 2009-03-30T00:00:00Z

Links: CVE-2009-0790 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-03-30T00:00:00", "descriptions": [{"lang": "en", "value": "The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK Dead Peer Detection (DPD) IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "openswan-strongswan-dpd-dos(49523)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49523"}, {"name": "34494", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34494"}, {"name": "oval:org.mitre.oval:def:11171", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11171"}, {"name": "34472", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34472"}, {"name": "DSA-1759", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2009/dsa-1759"}, {"name": "ADV-2009-0886", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/0886"}, {"name": "1021949", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021949"}, {"name": "34546", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34546"}, {"name": "20090330 CVE-2009-0790: ISAKMP DPD Remote Vulnerability with Openswan & Strongswan IPsec", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/502270/100/0/threaded"}, {"name": "34483", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34483"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.openswan.org/CVE-2009-0790/CVE-2009-0790.txt"}, {"name": "1021950", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021950"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://download.strongswan.org/CHANGES4.txt"}, {"name": "SUSE-SR:2009:009", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"}, {"name": "RHSA-2009:0402", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2009-0402.html"}, {"name": "DSA-1760", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2009/dsa-1760"}, {"name": "34296", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/34296"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T04:48:52.007Z"}, "title": "CVE Program Container", "references": [{"name": "openswan-strongswan-dpd-dos(49523)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49523"}, {"name": "34494", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/34494"}, {"name": "oval:org.mitre.oval:def:11171", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11171"}, {"name": "34472", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/34472"}, {"name": "DSA-1759", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2009/dsa-1759"}, {"name": "ADV-2009-0886", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/0886"}, {"name": "1021949", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021949"}, {"name": "34546", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/34546"}, {"name": "20090330 CVE-2009-0790: ISAKMP DPD Remote Vulnerability with Openswan & Strongswan IPsec", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/502270/100/0/threaded"}, {"name": "34483", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/34483"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.openswan.org/CVE-2009-0790/CVE-2009-0790.txt"}, {"name": "1021950", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021950"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://download.strongswan.org/CHANGES4.txt"}, {"name": "SUSE-SR:2009:009", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"}, {"name": "RHSA-2009:0402", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2009-0402.html"}, {"name": "DSA-1760", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2009/dsa-1760"}, {"name": "34296", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/34296"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-0790", "datePublished": "2009-04-01T10:00:00", "dateReserved": "2009-03-04T00:00:00", "dateUpdated": "2024-08-07T04:48:52.007Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:strongswan:strongswan:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "339E325D-B76C-400C-B332-7CA675C4F72B", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.4.0a:*:*:*:*:*:*:*", "matchCriteriaId": "F90373CD-E5C7-46BE-8C5F-22D3DE12A3E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6B8C12F9-A14F-4BC5-A2CC-18DADE8454C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "C78E4DAD-B255-4666-927F-D82AC7396FE8", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "9B602806-1420-4640-AD17-A2FEFDA6A967", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "A203ADA7-54C9-4F37-A254-0A5378BB9B1F", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3D09EEB6-386C-4A73-BC08-4243BDC49EE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "DBE3B5F4-063F-4AE9-B589-932751182101", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "6AFD8D5D-7FB7-4B25-B1F2-7850348A6924", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "24F75943-1327-4868-88D5-917D06BCF5E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "A4BE9083-EF34-4B1A-A139-E779E9704F88", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "5518A917-D5D1-4985-BF71-B1A34BD3D5B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "778D7442-F54A-47DF-B87B-3CFA3CF08799", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "2A4B1F28-B3B8-4E31-8E4E-25F5A29F3AB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "16984E6E-7CA8-4DC3-B800-FFE007617FE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "4C85F0BE-7E89-4B79-A036-9238785BE705", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DFF4780-2F92-4DF3-878A-C7E2BD57E39C", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "6C794994-9367-4BBB-8940-BBB44B7C1C5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "082272D3-0FE4-4959-978A-FFF795B52CA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:2.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "8DFEF9B3-C7F7-4588-A174-FAFD39C04116", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "97027262-849C-4DE9-90C9-0D9FBBC9F96B", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "8658539D-27D8-47EE-9468-A6B625E6D45F", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "89ACA351-D10F-4D1A-95B0-4B2E329F1E1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "7A4D6E89-5313-4016-8A7E-036579330DB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "95A8E226-FCEC-4545-A628-24F5A8103BCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:4.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "1B944D80-A8B9-4034-A95B-BA92ADC8D4E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:4.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "F5267BCC-A51C-4F3B-840C-49EF9C2A15F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:4.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "8CDCDB4B-2DF5-4394-B33A-08A4B6604D92", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:4.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "66206A52-373C-4DBB-A3D7-2A7569C0181E", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:4.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "F654D3C4-D3A3-41E1-A0D8-3A384319AE08", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:4.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "C41F9E10-000D-4F3B-BEA6-DEE87405B89B", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:4.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "4F37DFE8-2996-4904-B733-7BAECA95CB48", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:4.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "38209DC9-3BE6-49EF-8BA1-6E2BC5D24FEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:strongswan:strongswan:4.2.13:*:*:*:*:*:*:*", "matchCriteriaId": "155EB8F5-7C3C-4293-91EE-62DA561DA54A", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F7841F42-1226-43C4-A007-88847925D872", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "77930F86-13FF-4787-A39F-2D00110AFBFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "7B1ADD64-2503-4EED-9F6F-E425A3406123", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "A3067BE9-4314-42BD-8131-89C4899F7D47", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "E00CA6E5-1F63-4D59-BA72-0F8697671718", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "C35A2049-8502-41F2-894E-E39AEBEB6816", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "DD82E956-8C8E-4B38-9E82-4AA9AEFE6891", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "2D0F0EA4-A0DF-48CC-9B42-465A36945503", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.03:*:*:*:*:*:*:*", "matchCriteriaId": "78325087-599F-448B-8C47-570914FF6C59", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.04:*:*:*:*:*:*:*", "matchCriteriaId": "059CFA5C-B262-47AF-94A6-8E74AFB19204", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.05:*:*:*:*:*:*:*", "matchCriteriaId": "12F25627-235B-4312-80A4-4E36DE0E72A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.06:*:*:*:*:*:*:*", "matchCriteriaId": "B3E70B88-6348-42BB-AE96-46BDB1F3C6FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.07:*:*:*:*:*:*:*", "matchCriteriaId": "12A9DF25-48E8-4D52-A267-1BE0437E9000", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.08:*:*:*:*:*:*:*", "matchCriteriaId": "C986533F-E320-46FA-A9F7-DAFDB1A0628A", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.09:*:*:*:*:*:*:*", "matchCriteriaId": "7C77DED4-2696-4172-92B7-43034E61F845", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "2EDCCFDA-99A8-4590-99F1-95F3A5AD70B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.11:*:*:*:*:*:*:*", "matchCriteriaId": "BED1BA7D-B603-49D4-9080-4A9FEC056A69", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.12:*:*:*:*:*:*:*", "matchCriteriaId": "9E8EB86B-2DD9-4C4B-9C9A-E88B2C458C8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.13:*:*:*:*:*:*:*", "matchCriteriaId": "207B98DB-5962-4F62-AF5B-D48EF0C0E2A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.14:*:*:*:*:*:*:*", "matchCriteriaId": "DFB65639-AE3A-4984-93F9-2A8100DCEE6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.15:*:*:*:*:*:*:*", "matchCriteriaId": "B8921D08-FBA3-4C0A-8944-362909C5EB6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.16:*:*:*:*:*:*:*", "matchCriteriaId": "3FBD5312-E44F-4996-AA29-AFED53A90E8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.17:*:*:*:*:*:*:*", "matchCriteriaId": "E1B24C96-47DF-4FA2-8DF4-8241F4964F5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.18:*:*:*:*:*:*:*", "matchCriteriaId": "A5067B83-AB9E-4819-B5A2-B14A96EB54C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.19:*:*:*:*:*:*:*", "matchCriteriaId": "773B9BB2-0F65-4604-AF2C-8AC396DDC094", "vulnerable": true}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.6.20:*:*:*:*:*:*:*", "matchCriteriaId": "AA892169-0079-48D9-AEF5-641748CE1BF2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK Dead Peer Detection (DPD) IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD."}, {"lang": "es", "value": "El demonio IKE pluto de Openswan y Strongswan IPsec v2.6 anterior a v2.6.21 y v2.4 anterior a v2.4.14, y Strongswan v4.2 anterior a v4.2.14 y v2.8 anteior a v2.8.9; permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio y reinicio) a trav\u00e9s de (1) R_U_THERE o (2) R_U_THERE_ACK Detecci\u00f3n de pares muertos (Dead Peer Detection -DPD) mensaje de Notificaci\u00f3n IKE IPsec que provoca una referencia a puntero nulo relacionado con el estado inconsistente ISAKMP y la falta de un estado de asociacion phase2 en DPD."}], "id": "CVE-2009-0790", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-04-01T10:30:00.267", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://download.strongswan.org/CHANGES4.txt"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/34472"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/34483"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/34494"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/34546"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://www.debian.org/security/2009/dsa-1759"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://www.debian.org/security/2009/dsa-1760"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.openswan.org/CVE-2009-0790/CVE-2009-0790.txt"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0402.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/502270/100/0/threaded"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/34296"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1021949"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1021950"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2009/0886"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49523"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11171"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://download.strongswan.org/CHANGES4.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/34472"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/34483"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/34494"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/34546"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.debian.org/security/2009/dsa-1759"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.debian.org/security/2009/dsa-1760"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.openswan.org/CVE-2009-0790/CVE-2009-0790.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0402.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/502270/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/34296"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1021949"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1021950"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/0886"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49523"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11171"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2009:0402", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "openswan-0:2.6.14-1.el5_3.2", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2009-03-30T00:00:00Z"}], "bugzilla": {"description": "openswan: ISAKMP DPD remote DoS", "id": "491895", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491895"}, "csaw": false, "cvss": {"cvss_base_score": "5.0", "cvss_scoring_vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "status": "verified"}, "details": ["The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK Dead Peer Detection (DPD) IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD."], "name": "CVE-2009-0790", "public_date": "2009-03-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2009-0790\nhttps://nvd.nist.gov/vuln/detail/CVE-2009-0790"], "threat_severity": "Important"}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object