A NULL pointer dereference flaw was found in the way Openswan"s pluto IKE daemon handled certain error conditions. A remote, unauthenticated attacker could send a specially-crafted IKE packet that would crash the pluto daemon.