Page 4 of 26 results (0.009 seconds)

CVSS: 4.3EPSS: 4%CPEs: 9EXPL: 1

CVE-2013-5018

https://notcve.org/view.php?id=CVE-2013-5018

The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identity, or (3) PEM encoded file that starts with a 0x04, 0x30, or 0x31 character followed by an ASN.1 length value that triggers an integer overflow. La función is_asn1 en strongSwan v4.1.11 hasta v5.0.4 no valida correctamente el valor de retorno de la función asn1_length, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) a través de (1) nombre de usuario XAuth, (2) identidad EAP, o (3) la codificación PEM de un fichero que comienza con los caracteres "0x04, 0x30, o 0x31" seguidos por un valor de tamaño ASN.1 que dispara un desbordamiento de enteros. • http://lists.opensuse.org/opensuse-updates/2013-08/msg00021.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00022.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00050.html http://secunia.com/advisories/54315 http://secunia.com/advisories/54524 http://strongswan.org/blog/2013/08/01/strongswan-5.1.0-released.html http://strongswan.org/blog/2013/08/01/strongswan-denial-of-service-vulnerability-%28cve-2013-5018%29.html http://www.securityfocus.com/bid/61564 https& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.1EPSS: 5%CPEs: 96EXPL: 0

CVE-2013-2054

https://notcve.org/view.php?id=CVE-2013-2054

Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2053 and CVE-2013-2054. Desbordamiento de buffer en la función atodn en strongSwan v2.0.0 hasta v4.3.4, cuando está activada "Opportunistic Encryption" y se usa una clave RSA, permite a atacantes remotos provocar una denegación de servicio (caida del demonio IKE) y posiblemente ejecutar código a través de registros DNS TXT. NOTA: esta podría ser la misma vulnerabilidad que CVE-2013-2053 y CVE-2013-2054. • http://download.strongswan.org/security/CVE-2013-2054/CVE-2013-2054.txt http://www.securityfocus.com/bid/59837 https://lists.libreswan.org/pipermail/swan-announce/2013/000003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 1%CPEs: 34EXPL: 0

CVE-2012-2388

https://notcve.org/view.php?id=CVE-2012-2388

The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability." El GMP Plugin en strongSwan v4.2.0 hasta v4.6.3 permite a atacantes remotos evitar la autenticación a través de una firma RSA (1) vacía o (2) completada con ceros, también conocido como "Vulnerabilidad de verficación de firma RSA". • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00002.html http://osvdb.org/82587 http://secunia.com/advisories/49315 http://secunia.com/advisories/49336 http://secunia.com/advisories/49370 http://secunia.com/advisories/55051 http://www.debian.org/security/2012/dsa-2483 http://www.securityfocus.com/bid/53752 http://www.securitytracker.com/id?1027110 http://www.strongswan.org/blog/2012/05/31/strongswan-4.6.4-released-%28cve-2012-2388%29.html https:/ • CWE-287: Improper Authentication •

CVSS: 7.5EPSS: 86%CPEs: 8EXPL: 0

CVE-2010-2628

https://notcve.org/view.php?id=CVE-2010-2628

The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers buffer overflows. El demonio IKE en strongSwan v4.3.x anterior a v4.3.7 y v4.4.x anterior a v4.4.1 no comprueba adecuadamente el valor devuelto de la llamada snprintf, lo que permite a atacantes remotos ejecutar código de su elección a través de (1) certificado o (2) datos de identidad manipulados, que desencadenan un debordamiento de búfer • http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.3_snprintf.patch http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.4_snprintf.patch http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.5_snprintf.patch http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.6_snprintf.patch http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.4.0_snprintf.patch http://lists.opensuse.org/opensuse-updates/2010-08/msg00026.h • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 5.0EPSS: 2%CPEs: 24EXPL: 0

CVE-2009-2661

https://notcve.org/view.php?id=CVE-2009-2661

The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote attackers to cause a denial of service (pluto IKE daemon crash) via malformed ASN.1 data. NOTE: this is due to an incomplete fix for CVE-2009-2185. La función asn1_length en strongSwan 2.8 antes de 2.8.11, 4.2 antes de 4.2.17 y 4.3 antes de 4.3.3 no maneja adecuadamente certificados X.509 con Relative Distinguished Names (RDNs) modificados, lo que permite a atacantes remotos provocar una denegación de servicio (caída del demonio pluto IKE) mediante datos ASN.1 malformados. NOTA: Esto es debido a una solución incompleta de CVE-2009-2185. • http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.3.x_asn1_length.patch http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.x.x_asn1_length.patch http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html http://secunia.com/advisories/36922 http://up2date.astaro.com/2009/08/up2date_7505_released.html http://www.debian.org/security/2009/dsa-1899 http:// • CWE-310: Cryptographic Issues •