4 matches found
Denial Of Service (DoS)
strongswan is vulnerable to denial of service DoS. The vulnerability exists as the gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpzpowmsec, which allows remote peers to cause a denial of service floating point exception and process crash via a...
openSUSE Security Update : libnettle (openSUSE-2017-675)
This update for libnettle fixes the following issues : - CVE-2016-6489 : - Reject invalid RSA keys with even modulo. - Check for invalid keys, with even p, in dsasign. - Use function mpzpowmsec instead of mpzpowm bsc991464. This update was imported from the SUSE:SLE-12:Update update project...
CVE-2017-9022
The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpzpowmsec, which allows remote peers to cause a denial of service floating point exception and process crash via a crafted certificate...
CVE-2017-9022
The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpzpowmsec, which allows remote peers to cause a denial of service floating point exception and process crash via a crafted certificate...