CVE-2013-2944
https://notcve.org/view.php?id=CVE-2013-2944
strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.
References:
  http://download.strongswan.org/patches/10_openssl_ecdsa_signature_patch/strongswan-4.3.5-5.0.3_openssl_ecdsa_signature.patch
  http://lists.opensuse.org/opensuse-updates/2013-05/msg00014.html
  http://lists.opensuse.org/opensuse-updates/2013-06/msg00010.html
  http://lists.opensuse.org/opensuse-updates/2013-06/msg00121.html
  http://www.debian.org/security/2013/dsa-2665
  http://www.securityfocus.com/bid/59580
  http://www.strongswan.org/blog/2013/04/30/strongswan-5.0.4-released-%28cve-2013-
CWE-287: Improper Authentication

CVE-2012-2388
https://notcve.org/view.php?id=CVE-2012-2388
The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
References:
  http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00002.html
  http://osvdb.org/82587
  http://secunia.com/advisories/49315
  http://secunia.com/advisories/49336
  http://secunia.com/advisories/49370
  http://secunia.com/advisories/55051
  http://www.debian.org/security/2012/dsa-2483
  http://www.securityfocus.com/bid/53752
  http://www.securitytracker.com/id?1027110
  http://www.strongswan.org/blog/2012/05/31/strongswan-4.6.4-released-%28cve-2012-2388%29.html
  https:/
CWE-287: Improper Authentication

CVE-2010-2628
https://notcve.org/view.php?id=CVE-2010-2628
The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers buffer overflows.
References:
  http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.3_snprintf.patch
  http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.4_snprintf.patch
  http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.5_snprintf.patch
  http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.6_snprintf.patch
  http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.4.0_snprintf.patch
  http://lists.opensuse.org/opensuse-updates/2010-08/msg00026.h
CWE-94: Improper Control of Generation of Code ('Code Injection')

CVE-2009-2661
https://notcve.org/view.php?id=CVE-2009-2661
The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote attackers to cause a denial of service (pluto IKE daemon crash) via malformed ASN.1 data. NOTE: this is due to an incomplete fix for CVE-2009-2185.
References:
  http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.3.x_asn1_length.patch
  http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.x.x_asn1_length.patch
  http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
  http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
  http://secunia.com/advisories/36922
  http://up2date.astaro.com/2009/08/up2date_7505_released.html
  http://www.debian.org/security/2009/dsa-1899
  http://
CWE-310: Cryptographic Issues

CVE-2009-2185 – Openswan ASN.1 parser vulnerability
https://notcve.org/view.php?id=CVE-2009-2185
The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash) via an X.509 certificate with (1) crafted Relative Distinguished Names (RDNs), (2) a crafted UTCTIME string, or (3) a crafted GENERALIZEDTIME string.
References:
  http://download.strongswan.org/CHANGES2.txt
  http://download.strongswan.org/CHANGES4.txt
  http://download.strongswan.org/CHANGES42.txt
  http://secunia.com/advisories/35522
  http://secunia.com/advisories/35698
  http://secunia.com/advisories/35740
  http://secunia.com/advisories/35804
  http://secunia.com/advisories/36922
  http://secunia.com/advisories/36950
  http://secunia.com/advisories/37504
  http://up2date.astaro.com/2009/07/up2date_7404_released.html
  http://www.debian.org/security/2009/
CWE-20: Improper Input Validation