Unrated severityNVD Advisory· Published May 7, 2014· Updated May 6, 2026
CVE-2014-2891
CVE-2014-2891
Description
strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.
Affected products
8cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*:*range: <=5.1.1
- cpe:2.3:a:strongswan:strongswan:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:strongswan:strongswan:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:strongswan:strongswan:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:strongswan:strongswan:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:strongswan:strongswan:5.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:strongswan:strongswan:5.1.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- lists.opensuse.org/opensuse-updates/2014-05/msg00064.htmlnvd
- lists.opensuse.org/opensuse-updates/2014-05/msg00066.htmlnvd
- secunia.com/advisories/59864nvd
- www.debian.org/security/2014/dsa-2922nvd
- www.securityfocus.com/bid/67212nvd
- www.strongswan.org/blog/2014/05/05/strongswan-denial-of-service-vulnerability-%28cve-2014-2891%29.htmlnvd
News mentions
0No linked articles in our index yet.