Showing 1 - 3 of 3

CVE-2018-16151

Status Candidate

Overview

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of strongSwan regarding digestAlgorithm.parameters, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication.

Related Files

Gentoo Linux Security Advisory 201811-16: Posted Nov 27, 2018; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201811-16 - Multiple vulnerabilities have been found in strongSwan, the worst of which could lead to a Denial of Service condition. Versions less than 5.7.1 are affected.; tags | advisory, denial of service, vulnerability; systems | linux, gentoo; advisories | CVE-2018-10811, CVE-2018-16151, CVE-2018-16152, CVE-2018-17540, CVE-2018-5388, CVE-2018-6459; SHA-256 | 90b2c65ae66ecb8393798be16d494aeac84b63c0e80ade4bc9082323fe2ace84; Download | Favorite | View

Ubuntu Security Notice USN-3771-1: Posted Sep 25, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3771-1 - It was discovered that strongSwan incorrectly handled IKEv2 key derivation. A remote attacker could possibly use this issue to cause strongSwan to crash, resulting in a denial of service. Sze Yiu Chau discovered that strongSwan incorrectly handled parsing OIDs in the gmp plugin. A remote attacker could possibly use this issue to bypass authorization. Sze Yiu Chau discovered that strongSwan incorrectly handled certain parameters fields in the gmp plugin. A remote attacker could possibly use this issue to bypass authorization. Various other issues were also addressed.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2018-10811, CVE-2018-16151, CVE-2018-16152, CVE-2018-5388; SHA-256 | e17f096815ff5bd42d4ea76068f61f20c3869354f1a3c2c88ea7118d853351da; Download | Favorite | View

Debian Security Advisory 4305-1: Posted Sep 25, 2018; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4305-1 - Sze Yiu Chau and his team from Purdue University and The University of Iowa found several issues in the gmp plugin for strongSwan, an IKE/IPsec suite.; tags | advisory; systems | linux, debian; advisories | CVE-2018-16151, CVE-2018-16152; SHA-256 | 3600f91c663ea865ce9da23457277830706c0b7bfd18f2204a59509fb92beb1a; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 194 files
Ubuntu 67 files
Debian 24 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
malvuln 4 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,011)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,194)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,473)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,437)
UNIX (9,390)
UnixWare (187)
Windows (6,649)
Other

CVE-2018-16151

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems