Openswan < 2.6.37 Cryptographic Helper Use-After-Free Remote DoS

Medium Nessus Plugin ID 81053


The remote host is affected by a remote denial of service vulnerability.


The remote host is running a version of Openswan prior to version 2.6.37. It is, therefore, affected by a remote denial of service vulnerability due to a use-after-free flaw in the cryptographic helper handler. A remote attacker can exploit this issue to cause a denial of service.


Upgrade to Openswan version 2.6.37 or later.

Plugin Details

Severity: Medium

ID: 81053

File Name: openswan_ike_50440.nasl

Version: $Revision: 1.2 $

Type: remote

Family: Misc.

Published: 2015/01/28

Modified: 2015/01/29

Dependencies: 62695

Risk Information

Risk Factor: Medium


Base Score: 4

Temporal Score: 3.3

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:openswan:openswan

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2011/10/28

Vulnerability Publication Date: 2011/10/28

Reference Information

CVE: CVE-2011-4073

BID: 50440

OSVDB: 76725