CVE-2017-11185 - NULL Pointer Dereference vulnerability in Strongswan

CVSS 7.5 - HIGH
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: HIGH
Tags: network, low complexity, strongswan, CWE-476, nessus

Summary

The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.

Vulnerable Configurations

Part: Application
Description: Strongswan
Count: 131

Common Weakness Enumeration (CWE)

Nessus

  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DLA-1059.NASL
    description: It was discovered that there was a denial of service vulnerability in the Strongswan Virtual Private Network (VPN) software. Specific RSA signatures passed to the gmp plugin for verification could cause a NULL pointer dereference. Potential triggers are signatures in certificates, but also signatures used during IKE authentication. For more details, please see: <https://www.strongswan.org/blog/2017/08/14/strongswan-vulnerability-(cve-2017-11185).html> For Debian 7
    last seen: 2020-03-17
    modified: 2017-08-21
    plugin id: 102594
    published: 2017-08-21
    reporter: This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/102594
    title: Debian DLA-1059-1 : strongswan security update
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-3397-1.NASL
    description: It was discovered that strongSwan incorrectly handled verifying specific RSA signatures. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 102678
    published: 2017-08-22
    reporter: Ubuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/102678
    title: Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : strongswan vulnerability (USN-3397-1)
  • NASL family: PhotonOS Local Security Checks
    NASL id: PHOTONOS_PHSA-2017-0040.NASL
    description: An update of [openjdk,openjre,bash,libtar,glibc,libgcrypt,strongswan,unzip] packages for PhotonOS has been released.
    last seen: 2019-02-21
    modified: 2019-02-07
    plugin id: 111889
    published: 2018-08-17
    reporter: Tenable
    source: https://www.tenable.com/plugins/index.php?view=single&id=111889
    title: Photon OS 1.0: Bash / Glibc / Libgcrypt / Libtar / Openjdk / Openjre / Strongswan / Unzip PHSA-2017-0040 (deprecated)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2017-2293-1.NASL
    description: This update for strongswan fixes the following issues : - CVE-2017-11185: Specific RSA signatures passed to the gmp plugin for verification can cause a NULL pointer dereference and it may lead to a denial of service (bsc#1051222) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 102840
    published: 2017-08-30
    reporter: This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/102840
    title: SUSE SLES11 Security Update : strongswan (SUSE-SU-2017:2293-1)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2017-2143-1.NASL
    description: This update for strongswan fixes the following issues : - CVE-2017-11185: Specific RSA signatures passed to the gmp plugin for verification can cause a NULL pointer dereference and it may lead to a denial of service (bsc#1051222) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 102476
    published: 2017-08-14
    reporter: This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/102476
    title: SUSE SLED12 / SLES12 Security Update : strongswan (SUSE-SU-2017:2143-1)
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-3962.NASL
    description: A denial of service vulnerability was identified in strongSwan, an IKE/IPsec suite, using Google
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 102929
    published: 2017-09-05
    reporter: This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/102929
    title: Debian DSA-3962-1 : strongswan - security update
  • NASL family: PhotonOS Local Security Checks
    NASL id: PHOTONOS_PHSA-2017-0040_STRONGSWAN.NASL
    description: An update of the strongswan package has been released.
    last seen: 2020-03-17
    modified: 2019-02-07
    plugin id: 121747
    published: 2019-02-07
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/121747
    title: Photon OS 1.0: Strongswan PHSA-2017-0040