Showing 1 - 1 of 1

CVE-2013-5018

Status Candidate

Overview

The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identity, or (3) PEM encoded file that starts with a 0x04, 0x30, or 0x31 character followed by an ASN.1 length value that triggers an integer overflow.

Related Files

Gentoo Linux Security Advisory 201309-02: Posted Sep 2, 2013; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201309-2 - Multiple vulnerabilities have been found in strongSwan, possibly allowing remote attackers to authenticate as other users or cause a Denial of Service condition. Versions less than 5.1.0 are affected.; tags | advisory, remote, denial of service, vulnerability; systems | linux, gentoo; advisories | CVE-2013-2054, CVE-2013-2944, CVE-2013-5018; SHA-256 | e5de6a7527422acc9f93e2938d3bd572a9d0efb8c22e1b9eec52ad5f16412f47; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 288 files
Ubuntu 99 files
Gentoo 29 files
indoushka 26 files
Debian 16 files
Sina Kheirkhah 7 files
tmrswrr 7 files
Rodolfo Tavares 4 files
jheysel-r7 2 files
Pierre Kim 2 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,527)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,402)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,689)
UNIX (9,431)
UnixWare (187)
Windows (6,667)
Other

CVE-2013-5018

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems