Strongswan Security Vulnerabilities and Issues — Strongswan CVE List

Lucene search

StrongswanStrongswan

12 matches found

CVE•added 2018/09/26 9:29 p.m.•229 views

CVE-2018-16152

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can f...

7.5CVSS6AI score0.42007EPSS

CVE•added 2018/09/26 9:29 p.m.•222 views

CVE-2018-16151

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of st...

7.5CVSS7.3AI score0.01244EPSS

CVE•added 2018/10/03 8:29 p.m.•212 views

CVE-2018-17540

The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate.

7.5CVSS7.3AI score0.05076EPSS

CVE•added 2021/10/18 2:15 p.m.•206 views

CVE-2021-41991

The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random numb...

7.5CVSS7.8AI score0.02202EPSS

CVE•added 2018/06/19 9:29 p.m.•201 views

CVE-2018-10811

strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.

7.5CVSS7.4AI score0.18798EPSS

CVE•added 2021/10/18 2:15 p.m.•175 views

CVE-2021-41990

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur.

7.5CVSS7.7AI score0.02812EPSS

CVE•added 2022/10/31 6:15 a.m.•150 views

CVE-2022-40617

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example)...

7.5CVSS7.1AI score0.00239EPSS

CVE•added 2017/06/08 4:29 p.m.•105 views

CVE-2017-9022

The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate.

7.5CVSS7AI score0.00826EPSS

CVE•added 2017/08/18 5:29 p.m.•104 views

CVE-2017-11185

The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.

7.5CVSS7AI score0.00703EPSS

CVE•added 2017/06/08 4:29 p.m.•100 views

CVE-2017-9023

The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.

7.5CVSS7AI score0.00798EPSS

CVE•added 2012/06/27 9:55 p.m.•69 views

CVE-2012-2388

The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."

7.5CVSS6.6AI score0.00865EPSS

CVE•added 2010/08/20 6:0 p.m.•45 views

CVE-2010-2628

The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers buffer overflows.

7.5CVSS7.9AI score0.05728EPSS