CVE-2013-6075
Published: 2 November 2013
The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitrary users and bypass access restrictions via a crafted ID_DER_ASN1_DN ID, related to an "insufficient length check" during identity comparison.
Priority
Status
Package | Release | Status |
---|---|---|
strongswan Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Ignored
(end of life)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Ignored
(end of life)
|
|
saucy |
Ignored
(end of life)
|
|
trusty |
Not vulnerable
(5.1.2-0ubuntu1)
|
|
upstream |
Released
(5.1.0-3,5.1.1)
|
|
utopic |
Not vulnerable
(5.1.2-0ubuntu1)
|
|
vivid |
Not vulnerable
(5.1.2-0ubuntu1)
|
|
wily |
Not vulnerable
(5.1.2-0ubuntu1)
|
|
xenial |
Not vulnerable
(5.1.2-0ubuntu1)
|
|
yakkety |
Not vulnerable
(5.1.2-0ubuntu1)
|
|
zesty |
Not vulnerable
(5.1.2-0ubuntu1)
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6075
- http://www.strongswan.org/blog/2013/11/01/strongswan-denial-of-service-vulnerability-%28cve-2013-6075%29.html
- http://www.debian.org/security/2012/dsa-2789
- http://download.strongswan.org/security/CVE-2013-6075/strongswan-4.3.3-5.1.0_id_dn_match.patch
- NVD
- Launchpad
- Debian