CVE-2009-1957

Name of the Vulnerable Software and Affected Versions: strongSWAN versions prior to 4.3.1

Description: The issue allows remote attackers to cause a denial of service, resulting in a crash due to a NULL pointer dereference. This occurs when an invalid IKE SA INIT request is sent, triggering an incomplete state, followed by a CREATE CHILD SA request.

Recommendations: For versions prior to 4.3.1, update to version 4.3.1 or later to resolve the issue.