Showing 1 - 1 of 1

CVE-2013-5018

Status Candidate

Overview

The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identity, or (3) PEM encoded file that starts with a 0x04, 0x30, or 0x31 character followed by an ASN.1 length value that triggers an integer overflow.

Related Files

Gentoo Linux Security Advisory 201309-02: Posted Sep 2, 2013; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201309-2 - Multiple vulnerabilities have been found in strongSwan, possibly allowing remote attackers to authenticate as other users or cause a Denial of Service condition. Versions less than 5.1.0 are affected.; tags | advisory, remote, denial of service, vulnerability; systems | linux, gentoo; advisories | CVE-2013-2054, CVE-2013-2944, CVE-2013-5018; SHA-256 | e5de6a7527422acc9f93e2938d3bd572a9d0efb8c22e1b9eec52ad5f16412f47; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2013-5018

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems