Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2012-2388
HistoryJun 27, 2012 - 9:55 p.m.

CVE-2012-2388

2012-06-2721:55:02
Debian Security Bug Tracker
security-tracker.debian.org
10

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.018

Percentile

88.2%

The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka “RSA signature verification vulnerability.”

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.018

Percentile

88.2%