DEBIAN-CVE-2009-2661

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2009-2661
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2009-2661.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2009-2661
Upstream
Published
2009-08-04T16:30:00Z
Modified
2025-09-25T00:11:11.996634Z
Summary
[none]
Details

The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote attackers to cause a denial of service (pluto IKE daemon crash) via malformed ASN.1 data. NOTE: this is due to an incomplete fix for CVE-2009-2185.

References

Affected packages

Debian:11 / strongswan

Package

Name
strongswan
Purl
pkg:deb/debian/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.3.2-1.1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / strongswan

Package

Name
strongswan
Purl
pkg:deb/debian/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.3.2-1.1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / strongswan

Package

Name
strongswan
Purl
pkg:deb/debian/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.3.2-1.1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:14 / strongswan

Package

Name
strongswan
Purl
pkg:deb/debian/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.3.2-1.1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}