Launchpad.net

CVE 2011-4073

Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 through 2.6.36 allows remote authenticated users to cause a denial of service (pluto IKE daemon crash) via vectors related to the (1) quick_outI1_continue and (2) quick_outI1 functions.

Related bugs and status

CVE-2011-4073 (Candidate) is related to these bugs:

Bug #914015: Sync openswan 1:2.6.37-1 (universe) from Debian testing (main)

Summary				In	Importance	Status
	914015	Sync openswan 1:2.6.37-1 (universe) from Debian testing (main)		openswan (Ubuntu)	Wishlist	Fix Released

Bug #917754: Multiple security vulnerabilites in openswan package

Summary				In	Importance	Status
	917754	Multiple security vulnerabilites in openswan package		openswan (Ubuntu)	Undecided	Fix Released
	917754	Multiple security vulnerabilites in openswan package		openswan (Ubuntu Hardy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

REDHAT: RHSA-2011:1422
BID: 50440
SECTRACK: 1026268
SECUNIA: 46678
SECUNIA: 46681
CONFIRM: http://www.openswan.or...
DEBIAN: DSA-2374
SECUNIA: 47342