FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2013-5018

This CVE name corresponds to:

Entered Topic
2014-01-27 strongswan -- multiple DoS vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2013-5018 at cve.mitre.org

Details

Type Candidate
Name CVE-2013-5018
Phase Assigned(20130730)

Description

The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identity, or (3) PEM encoded file that starts with a 0x04, 0x30, or 0x31 character followed by an ASN.1 length value that triggers an integer overflow.

References

Source Reference
MLIST [Users] 20130729 [strongSwan] charon crash right after xauth+rsa client connects (strongswan-5.0.4, ubuntu 12.04)
CONFIRM http://strongswan.org/blog/2013/08/01/strongswan-5.1.0-released.html
CONFIRM http://strongswan.org/blog/2013/08/01/strongswan-denial-of-service-vulnerability-%28cve-2013-5018%29.html
SUSE openSUSE-SU-2013:1332
SUSE openSUSE-SU-2013:1333
SUSE openSUSE-SU-2013:1372
SECUNIA 54315
SECUNIA 54524

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.