Unrated severityNVD Advisory· Published Nov 17, 2011· Updated Jun 16, 2026
CVE-2011-3380
CVE-2011-3380
Description
Openswan 2.6.29 through 2.6.35 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto IKE daemon crash) via an ISAKMP message with an invalid KEY_LENGTH attribute, which is not properly handled by the error handling function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:xelerance:openswan:2.6.29:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:xelerance:openswan:2.6.29:*:*:*:*:*:*:*
- cpe:2.3:a:xelerance:openswan:2.6.30:*:*:*:*:*:*:*
- cpe:2.3:a:xelerance:openswan:2.6.31:*:*:*:*:*:*:*
- cpe:2.3:a:xelerance:openswan:2.6.32:*:*:*:*:*:*:*
- cpe:2.3:a:xelerance:openswan:2.6.33:*:*:*:*:*:*:*
- cpe:2.3:a:xelerance:openswan:2.6.34:*:*:*:*:*:*:*
- cpe:2.3:a:xelerance:openswan:2.6.35:*:*:*:*:*:*:*
- (no CPE)range: 2.6.29 - 2.6.35
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.