strongSwan 5.2.1

CPE Details

strongSwan 5.2.1
strongswan
strongswan
5.2.1
2015-06-11
13h28 +00:00
2015-06-12
15h01 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:strongswan:strongswan:5.2.1:*:*:*:*:*:*:*

Informations

Vendor

strongswan

Product

strongswan

Version

5.2.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-40617 2022-10-30 23h00 +00:00 strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data.
7.5
High
CVE-2021-45079 2022-01-31 06h15 +00:00 In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.
9.1
Critical
CVE-2021-41991 2021-10-18 11h44 +00:00 The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility.
7.5
High
CVE-2018-17540 2018-10-03 18h00 +00:00 The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate.
7.5
High
CVE-2018-16151 2018-09-26 19h00 +00:00 In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of strongSwan regarding digestAlgorithm.parameters, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication.
7.5
High
CVE-2018-16152 2018-09-26 19h00 +00:00 In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication. This is a variant of CVE-2006-4790 and CVE-2014-1568.
7.5
High
CVE-2018-10811 2018-06-19 19h00 +00:00 strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.
7.5
High
CVE-2018-5388 2018-05-30 22h00 +00:00 In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
6.5
Medium
CVE-2017-11185 2017-08-18 15h00 +00:00 The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.
7.5
High
CVE-2017-9022 2017-06-08 14h00 +00:00 The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate.
7.5
High
CVE-2017-9023 2017-06-08 14h00 +00:00 The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.
7.5
High
CVE-2015-8023 2015-11-18 15h00 +00:00 The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers to bypass authentication via an empty Success message in response to an initial Challenge message.
5
CVE-2015-4171 2015-06-10 16h00 +00:00 strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.
2.6