CVE-2013-2053
Openswan: remote buffer overflow in atodn()
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054.
Desbordamiento de buffer en la función atodn en Openswan anteriores a v2.6.39, cuando está activada Opportunistic Encryptiony se usa una clave RSA, permite a los atacantes remotos provocar una denegación de servicio (caída del demonio IKE)y posiblemente ejecutar código a través de registros DNS TXT. Nota: esta podría ser la misma vulnerabilidad que CVE-2013-2052 y CVE-2013-2054.
Openswan is a free implementation of Internet Protocol Security and Internet Key Exchange. IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. When using Opportunistic Encryption, Openswan's pluto IKE daemon requests DNS TXT records to obtain public RSA keys of itself and its peers. A buffer overflow flaw was found in Openswan. If Opportunistic Encryption were enabled and an RSA key configured, an attacker able to cause a system to perform a DNS lookup for an attacker-controlled domain containing malicious records could cause Openswan's pluto IKE daemon to crash or, potentially, execute arbitrary code with root privileges. With "oe=yes" but no RSA key configured, the issue can only be triggered by attackers on the local network who can control the reverse DNS entry of the target system. Opportunistic Encryption is disabled by default.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-02-19 CVE Reserved
- 2013-05-15 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/59838 | Vdb Entry | |
| https://lists.libreswan.org/pipermail/swan-announce/2013/000003.html | Mailing List |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00008.html | 2023-11-07 | |
| http://rhn.redhat.com/errata/RHSA-2013-0827.html | 2023-11-07 | |
| http://www.debian.org/security/2014/dsa-2893 | 2023-11-07 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=960229 | 2013-05-15 | |
| https://www.openswan.org/news/13 | 2023-11-07 | |
| https://access.redhat.com/security/cve/CVE-2013-2053 | 2013-05-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | <= 2.6.38 Search vendor "Xelerance" for product "Openswan" and version " <= 2.6.38" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.01 Search vendor "Xelerance" for product "Openswan" and version "2.6.01" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.02 Search vendor "Xelerance" for product "Openswan" and version "2.6.02" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.03 Search vendor "Xelerance" for product "Openswan" and version "2.6.03" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.04 Search vendor "Xelerance" for product "Openswan" and version "2.6.04" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.05 Search vendor "Xelerance" for product "Openswan" and version "2.6.05" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.06 Search vendor "Xelerance" for product "Openswan" and version "2.6.06" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.07 Search vendor "Xelerance" for product "Openswan" and version "2.6.07" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.08 Search vendor "Xelerance" for product "Openswan" and version "2.6.08" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.09 Search vendor "Xelerance" for product "Openswan" and version "2.6.09" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.10 Search vendor "Xelerance" for product "Openswan" and version "2.6.10" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.11 Search vendor "Xelerance" for product "Openswan" and version "2.6.11" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.12 Search vendor "Xelerance" for product "Openswan" and version "2.6.12" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.13 Search vendor "Xelerance" for product "Openswan" and version "2.6.13" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.14 Search vendor "Xelerance" for product "Openswan" and version "2.6.14" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.15 Search vendor "Xelerance" for product "Openswan" and version "2.6.15" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.16 Search vendor "Xelerance" for product "Openswan" and version "2.6.16" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.17 Search vendor "Xelerance" for product "Openswan" and version "2.6.17" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.18 Search vendor "Xelerance" for product "Openswan" and version "2.6.18" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.19 Search vendor "Xelerance" for product "Openswan" and version "2.6.19" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.20 Search vendor "Xelerance" for product "Openswan" and version "2.6.20" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.21 Search vendor "Xelerance" for product "Openswan" and version "2.6.21" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.22 Search vendor "Xelerance" for product "Openswan" and version "2.6.22" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.23 Search vendor "Xelerance" for product "Openswan" and version "2.6.23" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.24 Search vendor "Xelerance" for product "Openswan" and version "2.6.24" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.25 Search vendor "Xelerance" for product "Openswan" and version "2.6.25" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.26 Search vendor "Xelerance" for product "Openswan" and version "2.6.26" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.27 Search vendor "Xelerance" for product "Openswan" and version "2.6.27" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.28 Search vendor "Xelerance" for product "Openswan" and version "2.6.28" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.29 Search vendor "Xelerance" for product "Openswan" and version "2.6.29" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.30 Search vendor "Xelerance" for product "Openswan" and version "2.6.30" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.31 Search vendor "Xelerance" for product "Openswan" and version "2.6.31" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.32 Search vendor "Xelerance" for product "Openswan" and version "2.6.32" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.33 Search vendor "Xelerance" for product "Openswan" and version "2.6.33" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.34 Search vendor "Xelerance" for product "Openswan" and version "2.6.34" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.35 Search vendor "Xelerance" for product "Openswan" and version "2.6.35" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.36 Search vendor "Xelerance" for product "Openswan" and version "2.6.36" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.37 Search vendor "Xelerance" for product "Openswan" and version "2.6.37" | - |
Affected
| ||||||