Page 3 of 17 results (0.014 seconds)

CVSS: 5.1EPSS: 5%CPEs: 96EXPL: 0

Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2053 and CVE-2013-2054. Desbordamiento de buffer en la función atodn en strongSwan v2.0.0 hasta v4.3.4, cuando está activada "Opportunistic Encryption" y se usa una clave RSA, permite a atacantes remotos provocar una denegación de servicio (caida del demonio IKE) y posiblemente ejecutar código a través de registros DNS TXT. NOTA: esta podría ser la misma vulnerabilidad que CVE-2013-2053 y CVE-2013-2054. • http://download.strongswan.org/security/CVE-2013-2054/CVE-2013-2054.txt http://www.securityfocus.com/bid/59837 https://lists.libreswan.org/pipermail/swan-announce/2013/000003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 2%CPEs: 24EXPL: 0

The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote attackers to cause a denial of service (pluto IKE daemon crash) via malformed ASN.1 data. NOTE: this is due to an incomplete fix for CVE-2009-2185. La función asn1_length en strongSwan 2.8 antes de 2.8.11, 4.2 antes de 4.2.17 y 4.3 antes de 4.3.3 no maneja adecuadamente certificados X.509 con Relative Distinguished Names (RDNs) modificados, lo que permite a atacantes remotos provocar una denegación de servicio (caída del demonio pluto IKE) mediante datos ASN.1 malformados. NOTA: Esto es debido a una solución incompleta de CVE-2009-2185. • http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.3.x_asn1_length.patch http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.x.x_asn1_length.patch http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html http://secunia.com/advisories/36922 http://up2date.astaro.com/2009/08/up2date_7505_released.html http://www.debian.org/security/2009/dsa-1899 http:// • CWE-310: Cryptographic Issues •

CVSS: 5.0EPSS: 8%CPEs: 56EXPL: 0

The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash) via an X.509 certificate with (1) crafted Relative Distinguished Names (RDNs), (2) a crafted UTCTIME string, or (3) a crafted GENERALIZEDTIME string. El analizador ASN.1 pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) en (a) strongSwan v2.8 anterior a v2.8.10, v4.2 anterior a v4.2.16, y v4.3 anterior a v4.3.2; y (b) openSwan v2.6 anterior a v2.6.22 y v2.4 anterior a v2.4.15 permite a atacantes remotos provocar una denegación de servicio (caída del demonio IKE pluto) a través de un certificado X.509 con (1) Nombres Caracterizados Relativos (RDNs) (2) una cadena UTCTIME manipulada, o (3) una cadena GENERALIZEDTIME manipulada. • http://download.strongswan.org/CHANGES2.txt http://download.strongswan.org/CHANGES4.txt http://download.strongswan.org/CHANGES42.txt http://secunia.com/advisories/35522 http://secunia.com/advisories/35698 http://secunia.com/advisories/35740 http://secunia.com/advisories/35804 http://secunia.com/advisories/36922 http://secunia.com/advisories/36950 http://secunia.com/advisories/37504 http://up2date.astaro.com/2009/07/up2date_7404_released.html http://www.debian.org/security/2009/ • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 8%CPEs: 70EXPL: 0

charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid IKE_SA_INIT request that triggers "an incomplete state," followed by a CREATE_CHILD_SA request. charon/sa/ike_sa.c del demonio charon de strongSWAN anterior a v4.3.1, permite a atacantes remotos provocar una denegación de servicio (referenca a puntero nulo y caída) a través de una solicitud IKE_SA_INIT no válida que provoca "un estado incompleto", seguido de una solicitud CREATE_CHILD_SA. • http://download.strongswan.org/CHANGES4.txt http://download.strongswan.org/patches/03_invalid_ike_state_patch/strongswan-4.x.x_invalid_ike_state.patch http://download.strongswan.org/patches/03_invalid_ike_state_patch/strongswan-4.x.x_invalid_ike_state.readme http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/35296 http://secunia.com/advisories/35685 http://secunia.com/advisories/36922 http://www.debian.org/security/2009/dsa-1899 http:& • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 6%CPEs: 80EXPL: 0

charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE_AUTH request without a (1) TSi or (2) TSr traffic selector. charon/sa/tasks/child_create.c en el demonio charon en strongSWAN anteriores a v4.3.1 conmuta el test NULL por cargas destructivas TSi y TSr, lo que permite a los atacantes remotos causar una denegación de servicio a través de una petición IKE__AUTH sin un (1) TSi o (2) un selector de tráfico TSr. • http://download.strongswan.org/CHANGES4.txt http://download.strongswan.org/patches/04_swapped_ts_check_patch/strongswan-4.x.x._swapped_ts_check.patch http://download.strongswan.org/patches/04_swapped_ts_check_patch/strongswan-4.x.x._swapped_ts_check.readme http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/35296 http://secunia.com/advisories/35685 http://secunia.com/advisories/36922 http://www.debian.org/security/2009/dsa-1899 http • CWE-399: Resource Management Errors •