Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-2388HistoryJun 27, 2012 - 9:55 p.m.
CVE-2012-2388
2012-06-2721:55:02
Debian Security Bug Tracker
security-tracker.debian.org
13
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.018
Percentile
88.2%
The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka “RSA signature verification vulnerability.”
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | strongswan | < 4.5.2-1.4 | strongswan_4.5.2-1.4_all.deb |
| Debian | 11 | all | strongswan | < 4.5.2-1.4 | strongswan_4.5.2-1.4_all.deb |
| Debian | 999 | all | strongswan | < 4.5.2-1.4 | strongswan_4.5.2-1.4_all.deb |
| Debian | 13 | all | strongswan | < 4.5.2-1.4 | strongswan_4.5.2-1.4_all.deb |
Related
openvas
openvas
SuSE Update for update openSUSE-SU-2012:0691-1 (update)
2012-12-13 00:00:00
Fedora Update for strongswan FEDORA-2012-8815
2012-08-30 00:00:00
openSUSE: Security Advisory for update (openSUSE-SU-2012:0691-1)
2012-12-13 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: strongswan-4.6.4-1.fc16
2012-06-10 23:56:33
[SECURITY] Fedora 17 Update: strongswan-4.6.4-1.fc17
2012-06-10 23:57:07
altlinux
altlinux
Security fix for the ALT Linux 6 package strongswan version 4.6.4-alt1
2012-06-01 00:00:00
Security fix for the ALT Linux 7 package strongswan version 4.6.4-alt1
2012-06-01 00:00:00
nessus
nessus
Debian DSA-2483-1 : strongswan - authentication bypass
2012-06-29 00:00:00
SuSE 10 Security Update : strongswan (ZYPP Patch Number 8138)
2012-06-04 00:00:00
openSUSE Security Update : strongswan (openSUSE-SU-2012:0691-1)
2014-06-13 00:00:00
debian
debian
[SECURITY] [DSA 2483-1] strongswan security update
2012-05-31 17:21:13
[BSA-073] Security Update for strongswan
2012-06-04 20:11:13
[SECURITY] [DSA 2665-1] strongswan security update
2013-04-30 14:50:38
ubuntucve
ubuntucve
CVE-2012-2388
2012-06-27 00:00:00
nvd
nvd
CVE-2012-2388
2012-06-27 21:55:02
cvelist
cvelist
CVE-2012-2388
2012-06-27 21:00:00
osv
osv
strongswan - authentication bypass
2013-04-30 00:00:00
cve
cve
CVE-2012-2388
2012-06-27 21:55:02
prion
prion
Authentication flaw
2012-06-27 21:55:00
securityvulns
securityvulns
[SECURITY] [DSA 2483-1] strongswan security update
2012-06-03 00:00:00
strongswan authentication bypass
2012-06-03 00:00:00
[SECURITY] [DSA 2665-1] strongswan security update
2013-05-04 00:00:00
suse
suse
update for strongswan (important)
2012-06-04 11:08:30
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.018
Percentile
88.2%
Related for DEBIANCVE:CVE-2012-2388