VYPR
Unrated severityNVD Advisory· Published Aug 4, 2009· Updated Jun 16, 2026

CVE-2009-2661

CVE-2009-2661

Description

The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote attackers to cause a denial of service (pluto IKE daemon crash) via malformed ASN.1 data. NOTE: this is due to an incomplete fix for CVE-2009-2185.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

25
  • cpe:2.3:a:strongswan:strongswan:2.8.0:*:*:*:*:*:*:*+ 24 more
    • cpe:2.3:a:strongswan:strongswan:2.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:2.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:2.8.10:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:2.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:2.8.3:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:2.8.4:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:2.8.5:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:2.8.6:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:2.8.7:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:2.8.8:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:4.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:4.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:4.2.10:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:4.2.11:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:4.2.12:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:4.2.13:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:4.2.14:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:4.2.15:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:4.2.16:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:4.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:4.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:4.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:4.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:strongswan:strongswan:4.3.2:*:*:*:*:*:*:*
    • (no CPE)range: >=2.8,<2.8.11 || >=4.2,<4.2.17 || >=4.3,<4.3.3

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.