Openswan 2.6.29 through 2.6.35 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto IKE daemon crash) via an ISAKMP message with an invalid KEY_LENGTH attribute, which is not properly handled by the error handling function.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2011-11-17T19:00:00
Updated: 2011-11-24T10:00:00
Reserved: 2011-08-30T00:00:00
Link: CVE-2011-3380
JSON object: View
NVD Information
Status : Modified
Published: 2011-11-17T19:55:01.127
Modified: 2019-07-29T13:26:32.937
Link: CVE-2011-3380
JSON object: View
Redhat Information
No data.
CWE