Common Vulnerabilities and Exposures assigned an identifier CVE-2014-2891 to the following vulnerability: Name: CVE-2014-2891 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2891 Assigned: 20140417 Reference: http://www.strongswan.org/blog/2014/05/05/strongswan-denial-of-service-vulnerability-(cve-2014-2891).html Reference: DEBIAN:DSA-2922 Reference: http://www.debian.org/security/2014/dsa-2922 Reference: http://www.securityfocus.com/bid/67212 strongSwan before 5.1.3 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload. NOTE: MITRE has the wrong description; this was corrected in strongSwan 5.1.2. Current Fedora and EPEL 6 releases contain strongSwan 5.1.3 which is not vulnerable to this issue. This also does not affect the versions of openswan or libreswan as shipped in Red Hat Enterprise Linux or Fedora. Statement: Not vulnerable. This issue did not affect the versions of openswan as shipped with Red Hat Enterprise Linux 5 and 6.