CVE-2009-1958

EPSS 1.7%

Published: 6/8/2009Modified: 4/28/2026

Also known as:DEBIAN-CVE-2009-1958

Description

charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE_AUTH request without a (1) TSi or (2) TSr traffic selector.

Affected packages (1)

Debian/strongswanfrom 0, < 4.2.14-1.1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-1958