strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data.
Max CVSS
7.5
EPSS Score
0.16%
Published
2022-10-31
Updated
2023-07-19
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29.
Max CVSS
3.5
EPSS Score
0.12%
Published
2019-06-12
Updated
2020-09-30
In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
Max CVSS
6.5
EPSS Score
0.57%
Published
2018-05-31
Updated
2023-06-12
The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate.
Max CVSS
7.5
EPSS Score
1.46%
Published
2018-10-03
Updated
2019-12-01
The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.
Max CVSS
7.5
EPSS Score
0.50%
Published
2017-06-08
Updated
2019-10-03
The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate.
Max CVSS
7.5
EPSS Score
0.88%
Published
2017-06-08
Updated
2019-04-16
The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.
Max CVSS
7.5
EPSS Score
0.74%
Published
2017-08-18
Updated
2018-08-13
strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.
Max CVSS
5.0
EPSS Score
4.36%
Published
2014-05-07
Updated
2018-08-13
Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2053 and CVE-2013-2054.
Max CVSS
5.1
EPSS Score
5.87%
Published
2013-07-09
Updated
2023-02-13
charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE_AUTH request without a (1) TSi or (2) TSr traffic selector.
Max CVSS
5.0
EPSS Score
5.97%
Published
2009-06-08
Updated
2009-10-14
charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid IKE_SA_INIT request that triggers "an incomplete state," followed by a CREATE_CHILD_SA request.
Max CVSS
5.0
EPSS Score
10.62%
Published
2009-06-08
Updated
2009-10-14
strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via an IKE_SA_INIT message with a large number of NULL values in a Key Exchange payload, which triggers a NULL pointer dereference for the return value of the mpz_export function in the GNU Multiprecision Library (GMP).
Max CVSS
5.0
EPSS Score
2.54%
Published
2008-10-14
Updated
2011-03-08
FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject.
Max CVSS
10.0
EPSS Score
1.76%
Published
2004-12-06
Updated
2017-07-11
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!