Vulnerability CVE-2009-2185

Vulnerability Name:

CVE-2009-2185 (CCN-51286)

Assigned:

2009-06-21

Published:

2009-06-21

Updated:

2019-07-29

Summary:

The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash) via an X.509 certificate with (1) crafted Relative Distinguished Names (RDNs), (2) a crafted UTCTIME string, or (3) a crafted GENERALIZEDTIME string.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Authentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Athentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

5.0 Medium (REDHAT CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Authentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

Vulnerability Type:

CWE-20

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2009-2185

Source: CONFIRM
Type: Vendor Advisory
http://download.strongswan.org/CHANGES2.txt

Source: CONFIRM
Type: Vendor Advisory
http://download.strongswan.org/CHANGES4.txt

Source: CONFIRM
Type: Vendor Advisory
http://download.strongswan.org/CHANGES42.txt

Source: CCN
Type: strongSwan Web site
strongswan-2.x.x_asn1_rdn.readme

Source: CCN
Type: Openswan GIT Repository
Malicious X.509 certificates could crash the asn.1 parser. Found by Orange Labs vulnerability research team.

Source: CCN
Type: Openswan Web site
CHANGES

Source: CCN
Type: RHSA-2009-1138
Important: openswan security update

Source: CCN
Type: SA35522
strongSwan ASN.1 Parsing Denial of Service Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
35522

Source: CCN
Type: SA35563
Openswan ASN.1 Parsing Denial of Service Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
35698

Source: SECUNIA
Type: UNKNOWN
35740

Source: SECUNIA
Type: UNKNOWN
35804

Source: SECUNIA
Type: UNKNOWN
36922

Source: SECUNIA
Type: UNKNOWN
36950

Source: CCN
Type: SA37504
Ingate Firewall and SIParator Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
37504

Source: CCN
Type: SECTRACK ID: 1022428
strongSwan X.509 RDN and Time String Processing Bugs Let Remote Users Deny Service

Source: CCN
Type: ASA-2009-260
openswan security update (RHSA-2009-1138)

Source: CONFIRM
Type: UNKNOWN
http://up2date.astaro.com/2009/07/up2date_7404_released.html

Source: DEBIAN
Type: UNKNOWN
DSA-1898

Source: DEBIAN
Type: UNKNOWN
DSA-1899

Source: DEBIAN
Type: DSA-1898
openswan -- denial of service

Source: DEBIAN
Type: DSA-1899
strongswan -- several vulnerabilities

Source: CCN
Type: GLSA-200909-05
Openswan: Denial of Service

Source: CCN
Type: Ingate Web Site
Release notice for Ingate Firewall® 4.8.1 and Ingate SIParator® 4.8.1

Source: CONFIRM
Type: UNKNOWN
http://www.ingate.com/Relnote.php?ver=481

Source: REDHAT
Type: UNKNOWN
RHSA-2009:1138

Source: BID
Type: Patch
35452

Source: CCN
Type: BID-35452
strongSwan Crafted X.509 Certificate Multiple Remote Denial Of Service Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1022428

Source: VUPEN
Type: Vendor Advisory
ADV-2009-1639

Source: VUPEN
Type: UNKNOWN
ADV-2009-1706

Source: VUPEN
Type: UNKNOWN
ADV-2009-1829

Source: VUPEN
Type: UNKNOWN
ADV-2009-3354

Source: XF
Type: UNKNOWN
strongswan-asn1-rdn-dos(51286)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11079

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-7423

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-7478

Source: SUSE
Type: SUSE-SR:2009:013
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:strongswan:strongswan:2.8.0:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:2.8.1:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:2.8.2:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:2.8.3:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:2.8.4:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:2.8.5:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:2.8.6:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:2.8.7:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:2.8.8:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:2.8.9:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:2.8.10:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.1:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.0:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.1:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.2:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.3:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.4:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.5:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.6:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.7:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.8:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.9:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.10:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.11:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.12:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.13:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.14:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.15:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.3.0:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.3.1:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.4.0:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.4.1:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.4.2:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.4.3:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.4.4:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.4.5:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.4.9:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.4.10:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.03:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.04:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.05:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.06:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.07:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.08:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.09:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.10:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.11:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.12:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.13:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.14:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.15:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.16:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.17:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.18:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.19:*:*:*:*:*:*:*

OR cpe:/a:xelerance:openswan:2.6.20:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/h:ingate:ingate_firewall:4.1.3:*:*:*:*:*:*:*

OR cpe:/h:ingate:ingate_firewall:4.5.1:*:*:*:*:*:*:*

OR cpe:/h:ingate:ingate_siparator:4.5.1:*:*:*:*:*:*:*

OR cpe:/h:ingate:ingate_firewall:4.6.2:*:*:*:*:*:*:*

OR cpe:/h:ingate:ingate_siparator:4.6.2:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.7:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:2.2.0:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.6:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.1.0:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.13:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:2.8.8:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.3.0:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:2.8.9:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.14:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.2.15:*:*:*:*:*:*:*

OR cpe:/a:strongswan:strongswan:4.3.1:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Vulnerability Name:

CVE-2009-2185 (CCN-51287)

Assigned:

2009-06-21

Published:

2009-06-21

Updated:

2019-07-29

Summary:

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Authentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Athentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

5.0 Medium (REDHAT CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Access Complexity (AC): Authentication (Au):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

Vulnerability Type:

CWE-20

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2009-2185

Source: CONFIRM
Type: Vendor Advisory
http://download.strongswan.org/CHANGES2.txt

Source: CONFIRM
Type: Vendor Advisory
http://download.strongswan.org/CHANGES4.txt

Source: CONFIRM
Type: Vendor Advisory
http://download.strongswan.org/CHANGES42.txt

Source: CCN
Type: strongSwan Web site
strongswan-2.x.x_asn1_time.readme

Source: CCN
Type: Openswan GIT Repository
Malicious X.509 certificates could crash the asn.1 parser. Found by Orange Labs vulnerability research team.

Source: CCN
Type: Openswan Web site
CHANGES

Source: CCN
Type: RHSA-2009-1138
Important: openswan security update

Source: CCN
Type: SA35522
strongSwan ASN.1 Parsing Denial of Service Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
35522

Source: CCN
Type: SA35563
Openswan ASN.1 Parsing Denial of Service Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
35698

Source: SECUNIA
Type: UNKNOWN
35740

Source: SECUNIA
Type: UNKNOWN
35804

Source: SECUNIA
Type: UNKNOWN
36922

Source: SECUNIA
Type: UNKNOWN
36950

Source: CCN
Type: SA37504
Ingate Firewall and SIParator Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
37504

Source: CCN
Type: SECTRACK ID: 1022428
strongSwan X.509 RDN and Time String Processing Bugs Let Remote Users Deny Service

Source: CCN
Type: ASA-2009-260
openswan security update (RHSA-2009-1138)

Source: CONFIRM
Type: UNKNOWN
http://up2date.astaro.com/2009/07/up2date_7404_released.html

Source: DEBIAN
Type: UNKNOWN
DSA-1898

Source: DEBIAN
Type: UNKNOWN
DSA-1899

Source: DEBIAN
Type: DSA-1898
openswan -- denial of service

Source: DEBIAN
Type: DSA-1899
strongswan -- several vulnerabilities

Source: CCN
Type: GLSA-200909-05
Openswan: Denial of Service

Source: CCN
Type: Ingate Web Site
Release notice for Ingate Firewall® 4.8.1 and Ingate SIParator® 4.8.1

Source: CONFIRM
Type: UNKNOWN
http://www.ingate.com/Relnote.php?ver=481

Source: REDHAT
Type: UNKNOWN
RHSA-2009:1138

Source: BID
Type: Patch
35452

Source: CCN
Type: BID-35452
strongSwan Crafted X.509 Certificate Multiple Remote Denial Of Service Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1022428

Source: VUPEN
Type: Vendor Advisory
ADV-2009-1639

Source: VUPEN
Type: UNKNOWN
ADV-2009-1706

Source: VUPEN
Type: UNKNOWN
ADV-2009-1829

Source: VUPEN
Type: UNKNOWN
ADV-2009-3354

Source: XF
Type: UNKNOWN
strongswan-asn1-utctime-dos(51287)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11079

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-7423

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-7478

Source: SUSE
Type: SUSE-SR:2009:013
SUSE Security Summary Report

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20092185	V	CVE-2009-2185	2022-05-20
oval:org.opensuse.security:def:42201	P	Security update for libmspack (Low)	2022-01-13
oval:org.opensuse.security:def:31755	P	Security update for libvirt (Important)	2022-01-10
oval:org.opensuse.security:def:31715	P	Security update for the Linux Kernel (Important)	2021-12-06
oval:org.opensuse.security:def:31307	P	Security update for postgresql, postgresql13, postgresql14 (Important)	2021-11-20
oval:org.opensuse.security:def:31699	P	Security update for binutils (Moderate)	2021-11-02
oval:org.opensuse.security:def:31273	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:26120	P	Security update for xerces-c (Important)	2021-09-03
oval:org.opensuse.security:def:31262	P	Security update for openexr (Important)	2021-09-02
oval:org.opensuse.security:def:31261	P	Security update for bind (Moderate)	2021-08-30
oval:org.opensuse.security:def:26076	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:31628	P	Security update for dhcp (Important)	2021-06-01
oval:org.opensuse.security:def:26062	P	Security update for djvulibre (Important)	2021-05-31
oval:org.opensuse.security:def:31175	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:32081	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:31347	P	Security update for java-1_8_0-ibm (Important)	2021-02-26
oval:org.opensuse.security:def:32015	P	Security update for openssl (Important)	2020-12-11
oval:org.opensuse.security:def:31089	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:31090	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:35621	P	openswan-2.6.16-1.34.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35794	P	openswan-2.6.16-1.36.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42028	P	openswan-2.6.16-1.34.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:31101	P	Security update for kernel-source (Important)	2020-12-01
oval:org.opensuse.security:def:31804	P	Security update for ant (Moderate)	2020-12-01
oval:org.opensuse.security:def:31871	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:25598	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:26621	P	openswan on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25629	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:31843	P	Security update for cairo (Moderate)	2020-12-01
oval:org.opensuse.security:def:31927	P	Security update for giflib (Moderate)	2020-12-01
oval:org.opensuse.security:def:25172	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:25749	P	Security update for pidgin (Moderate)	2020-12-01
oval:org.opensuse.security:def:25686	P	Security update for wicked (Important)	2020-12-01
oval:org.opensuse.security:def:26758	P	libopenssl0_9_8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31865	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:31976	P	Security update for jasper (Moderate)	2020-12-01
oval:org.opensuse.security:def:25173	P	Security update for ant (Moderate)	2020-12-01
oval:org.opensuse.security:def:25802	P	Recommended update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25770	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26793	P	openswan on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31399	P	Security update for perl (Moderate)	2020-12-01
oval:org.opensuse.security:def:31909	P	Security update for freetype2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25184	P	Security update for vim (Moderate)	2020-12-01
oval:org.opensuse.security:def:25851	P	Security update for freerdp (Moderate)	2020-12-01
oval:org.opensuse.security:def:25344	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25921	P	Recommended update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:31456	P	Security update for postgresql91	2020-12-01
oval:org.opensuse.security:def:32547	P	libapr-util1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31479	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:32037	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25248	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25890	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25345	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25974	P	Security update for gimp (Moderate)	2020-12-01
oval:org.opensuse.security:def:31543	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:32586	P	openswan on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31571	P	Security update for strongswan (Moderate)	2020-12-01
oval:org.opensuse.security:def:25376	P	Security update for dovecot22 (Important)	2020-12-01
oval:org.opensuse.security:def:25904	P	Security update for gegl (Moderate)	2020-12-01
oval:org.opensuse.security:def:25356	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26023	P	Security update for evince (Important)	2020-12-01
oval:org.opensuse.security:def:32719	P	libneon27 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25457	P	Security update for aspell (Moderate)	2020-12-01
oval:org.opensuse.security:def:25948	P	Security update for libraw (Moderate)	2020-12-01
oval:org.opensuse.security:def:25420	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32758	P	openswan on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25514	P	Security update for mariadb-connector-c (Important)	2020-12-01
oval:org.opensuse.security:def:26586	P	libexiv2-4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25548	P	Security update for ceph (Important)	2020-12-01
oval:org.mitre.oval:def:29103	P	RHSA-2009:1138 -- openswan security update (Important)	2015-08-17
oval:org.mitre.oval:def:8369	P	DSA-1898 openswan -- denial of service	2015-02-23
oval:org.mitre.oval:def:18226	P	DSA-1898-1 openswan - denial of service	2014-06-23
oval:org.mitre.oval:def:13577	P	DSA-1899-1 strongswan -- several	2014-06-23
oval:org.mitre.oval:def:8047	P	DSA-1899 strongswan -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:22909	P	ELSA-2009:1138: openswan security update (Important)	2014-05-26
oval:org.mitre.oval:def:11079	V	The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash) via an X.509 certificate with (1) crafted Relative Distinguished Names (RDNs), (2) a crafted UTCTIME string, or (3) a crafted GENERALIZEDTIME string.	2013-04-29
oval:org.debian:def:1898	V	denial of service	2009-10-02
oval:org.debian:def:1899	V	several vulnerabilities	2009-10-02
oval:com.redhat.rhsa:def:20091138	P	RHSA-2009:1138: openswan security update (Important)	2009-07-02

BACK