2 matches found
Buffer overflow
Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service pluto IKE daemon crash and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be...
CVE-2013-2052
CVE-2013-2052 describes a remote, non-authenticated buffer overflow in the atodn() function of Libreswan/OpenSwan when Opportunistic Encryption is enabled and an attacker controls a DNS TXT PTR record. This can crash the pluto IKE daemon and potentially allow code execution. The vulnerability is ...