PT-2014-1910 · Openswan+2

Iustina Melinte · Published 2014-01-26 · Updated 2019-07-29 · CVE-2013-6466

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Openswan versions prior to 2.6.39

Description

The issue allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. This can disrupt the availability of protected information. The issue can be exploited remotely.

Recommendations

For versions prior to 2.6.39, update to a version later than 2.6.39 to resolve the issue. As a temporary workaround, consider restricting access to IKEv2 packets to minimize the risk of exploitation.

Fix


Related identifiers

BDU:2015-09776
CESA-2014_0185
CVE-2013-6466
DSA-2893-1
MGASA-2014-0097
RHSA-2014:0185
RHSA-2014_0185

Affected products

Centos
Openswan
Red Hat