Openswan < 2.6.36 IKE Packet NULL Pointer Dereference Remote DoS
Medium Nessus Plugin ID 81052
SynopsisThe remote host is affected by a remote denial of service vulnerability.
DescriptionThe remote host is running a version of Openswan prior to version 2.6.36. It is, therefore, affected by a remote denial of service vulnerability due to a NULL pointer dereference flaw. A remote attacker, using a specially crafted ISAKMP message with an invalid KEY_LENGTH attribute, can cause a denial of service.
SolutionUpgrade to Openswan 2.6.36 or later.