Openswan.DPD.DoS
Description
This indicates an attack on a denial of service vulnerability in Openswan.
The vulnerability is caused by an error when the vulnerable software handles a malicious DPD packet. It allows a remote attacker to crash the pluto daemon.
Affected Products
Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9
Impact
Denial of Service
Recommended Actions
Upgrade to a latest version, or apply the appropriate patch as listed at
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |