The Earthtimes online News
Mu Dynamics Discovers, Remediates Leading Open Source VPN Vulnerability: strongSwan IKEv2 Denial-of-Service

Posted : Mon, 22 Sep 2008 12:35:37 GMT
Author : CA-MU-DYNAMICS
Category : Press Release
SUNNYVALE, Calif. - (Business Wire) Mu Dynamics, a pioneer in helping network operators and their vendors eliminate downtime through proactive service assurance, has discovered and helped remediate a dangerous 0-day vulnerability within strongSwan's IKEv2 implementation. strongSwan is an open source IPsec-based virtual private network (VPN) solution for the Linux operating system. IPsec-based VPNs secure corporate VoIP, email, web, IPTV and other IP-based services over public network infrastructures.

Establishing VPN connectivity requires a precise sequence of complex protocol exchanges, defined by IKEv2. strongSwan includes an Internet Key Exchange version 2 (IKEv2) implementation to authenticate peers and establish session keys, enabling Internet Protocol (IP) traffic to be encrypted and/or digitally signed within IPsec-based VPNs. Mu Labs discovered that an unauthenticated, anonymous attacker could crash a strongSwan-based VPN terminator or other IPsec device using only the very first IKEv2 packet.

"The best defense against this 0-day vulnerability is to immediately upgrade to the patched version of strongSwan," said Thomas Maufer, Mu Dynamics Director of Technical Marketing. "The Mu Labs development team appreciates strongSwan's extremely rapid response time in producing a fix to this serious bug in just one day."

Other IKEv2 implementations are at least as complex and thus likely vulnerable to similar failures. To prevent IPsec VPN service downtime from similar software weaknesses in complex code, IKEv2 implementations must be subjected to variations of real-world service-level traffic throughout the deployment life cycle. For both operators offering IPsec VPN services and their vendors, products must continuously prove they can tolerate unexpected or invalid inputs without service degradation or downtime.

Technical Background

What: strongSwan IKEv2 Denial-of-Service Vulnerability

Affected Products/Versions: strongSwan 4.2.6 and other branches

Product Overview: strongSwan is an open source IPsec-based VPN solution for the Linux operating system.

Vulnerability Details:

An IKE_SA_INIT message whose Key Exchange payload contains a large run of zero (NULL) bytes can crash the IKEv2 charon daemon. The root cause is that strongSwan dereferences a NULL pointer returned by the mpz_export() function of the GNU Multiprecision Library (GMP).
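As an added example (not strongSwan's code and not part of the original release), a hypothetical C validator for the IKE_SA_INIT Key Exchange payload that rejects the all-zero key exchange data described above before it reaches any big-number conversion, with a constructed payload builder to exercise it. The payload layout follows RFC 4306 section 3.4; the function names and return codes are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* IKEv2 Key Exchange payload (RFC 4306, section 3.4): 4-byte generic
 * payload header (next payload, flags, 16-bit length), then a 16-bit
 * DH group number, 16 reserved bits, and the key exchange data. */
#define KE_HDR_LEN 8

/* Hypothetical validator, not strongSwan's code. Returns 0 when the
 * payload is well-formed and carries a non-zero public value, else a
 * negative code saying why it must be dropped before any big-number
 * conversion (such as the mpz_export() path on the page) is attempted. */
int validate_ke_payload(const uint8_t *buf, size_t len, uint16_t *dh_group)
{
    size_t plen, i;
    if (buf == NULL || len < KE_HDR_LEN)
        return -1;                  /* truncated header */
    plen = ((size_t)buf[2] << 8) | buf[3];
    if (plen < KE_HDR_LEN || plen > len)
        return -2;                  /* declared length does not fit */
    if (plen == KE_HDR_LEN)
        return -3;                  /* no key exchange data at all */
    for (i = KE_HDR_LEN; i < plen && buf[i] == 0; i++)
        ;
    if (i == plen)
        return -4;                  /* all-zero data encodes the integer 0 */
    if (dh_group != NULL)
        *dh_group = (uint16_t)((buf[4] << 8) | buf[5]);
    return 0;
}

/* Builds a constructed KE payload (DH group 2, next payload = Nonce) whose
 * key exchange data is data_len copies of 'fill', then validates it. */
int check_constructed_ke(size_t data_len, uint8_t fill)
{
    uint8_t buf[KE_HDR_LEN + 256];
    size_t plen = KE_HDR_LEN + data_len;
    if (data_len > 256)
        return -99;
    memset(buf, 0, sizeof buf);
    buf[0] = 40;                    /* next payload: Nonce */
    buf[2] = (uint8_t)(plen >> 8);
    buf[3] = (uint8_t)plen;
    buf[5] = 2;                     /* DH group 2, 1024-bit MODP */
    memset(buf + KE_HDR_LEN, fill, data_len);
    return validate_ke_payload(buf, plen, NULL);
}
```

A 128-byte all-zero value (the size of a group 2 public value) is rejected with -4, while the same payload filled with non-zero bytes passes.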

Vendor Response/Solution: Fixed in strongSwan 4.2.7 and other branches. Available from www.strongswan.org

History:

First contact with vendor: September 16, 2008
Vendor releases fix: September 17, 2008

See also: http://wiki.strongswan.org/changeset/4345

Credit: The Mu Dynamics research team discovered this vulnerability - http://labs.mudynamics.com/pgpkey.txt

About Mu Dynamics

Mu Dynamics proactively eliminates the high cost of service, application and network downtime. Mu's solution automates a systematic and repeatable process that identifies hard-to-detect sources of potential downtime within IP services, applications, and underlying networks. The award-winning Mu solution is deployed at more than 100 locations, primarily at leading global service providers, cable operators and network product vendors. Headquartered in Sunnyvale, California, Mu is backed by leading venture capital firms that include Accel Partners, Benchmark Capital, DAG Ventures and Focus Ventures. http://www.mudynamics.com

Gallagher Group Communications
Kevin Gallagher, 925-831-1041
kevin@gg-comm.com


Copyright © 2008 Business Wire. All rights reserved.