Vulnerabilities > Strongswan > Strongswan > 4.3.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-06-08 | CVE-2017-9022 | Improper Input Validation vulnerability in multiple products The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate. | 7.5 |
2015-06-10 | CVE-2015-4171 | Information Exposure vulnerability in multiple products strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses. | 2.6 |
2014-04-16 | CVE-2014-2338 | Improper Authentication vulnerability in Strongswan IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established. | 6.4 |
2013-11-02 | CVE-2013-6075 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Strongswan The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitrary users and bypass access restrictions via a crafted ID_DER_ASN1_DN ID, related to an "insufficient length check" during identity comparison. | 5.0 |
2012-06-27 | CVE-2012-2388 | Improper Authentication vulnerability in Strongswan The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability." | 7.5 |
2010-08-20 | CVE-2010-2628 | Code Injection vulnerability in Strongswan The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers buffer overflows. | 7.5 |