Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Openswan 2.6.40 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. NOTE: this vulnerability exists because of an incomplete fix for CVE 2013-6466.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Xelerance Openswan IKEv2 输入验证漏洞
Vulnerability Description
Xelerance Openswan是加拿大Xelerance公司的一个基于FreeS/WAN项目的用于Linux系统下的IPSEC实现,它主要用于保证数据传输中的安全性、完整性等问题。 Xelerance Openswan 2.6.40版本中存在安全漏洞。远程攻击者可借助特制的IKEv2数据包利用该漏洞造成拒绝服务(空指针逆向引用和IKE守护进程重启)。(说明:该漏洞由于CVE-2013-6466的补丁没有完全修复)
CVSS Information
N/A
Vulnerability Type
N/A