| Vulnerability Name: | CVE-2010-2628 (CCN-61099) | ||||||||||||
| Assigned: | 2010-08-13 | ||||||||||||
| Published: | 2010-08-13 | ||||||||||||
| Updated: | 2010-08-24 | ||||||||||||
| Summary: | The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers buffer overflows. | ||||||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||||||
| Vulnerability Type: | CWE-94 | ||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2010-2628 Source: CONFIRM Type: Patch http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.3_snprintf.patch Source: CONFIRM Type: Patch http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.4_snprintf.patch Source: CONFIRM Type: Patch http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.5_snprintf.patch Source: CONFIRM Type: Patch http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.6_snprintf.patch Source: CONFIRM Type: Patch http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.4.0_snprintf.patch Source: MLIST Type: UNKNOWN [opensuse-updates] 20100810 openSUSE-SU-2010:0496-1 (important): strongswan: fixing snprintf overflows Source: CCN Type: SA40956 strongSwan Certificate / Identification Payload Parsing Vulnerabilities Source: SECUNIA Type: Vendor Advisory 40956 Source: CCN Type: SECTRACK ID: 1024338 strongSwan snprintf() Bug Lets Remote Users Execute Arbitrary Code Source: CCN Type: strongSwan Web site strongSwan Source: CONFIRM Type: UNKNOWN http://trac.strongswan.org/projects/strongswan/wiki/441 Source: CCN Type: OSVDB ID: 67148 strongSwan snprintf() Function Certificate / Identification Payload Remote Code Execution Source: BID Type: Patch 42444 Source: CCN Type: BID-42444 strongSwan IETF Attribute or Identification Parsing Multiple Remote Code Execution Vulnerabilities Source: SECTRACK Type: UNKNOWN 1024338 Source: VUPEN Type: Patch, Vendor Advisory ADV-2010-2085 Source: VUPEN Type: UNKNOWN ADV-2010-2086 Source: CONFIRM Type: UNKNOWN https://bugzilla.novell.com/615915 Source: XF Type: UNKNOWN strongswan-snprintf-code-execution(61099) Source: CCN Type: strongSwan Mailing List, Mon Aug 2 16:14:51 CEST 2010 ANNOUNCE: strongswan-4.4.1 released Source: MLIST Type: Patch, Vendor Advisory [users] 20100802 ANNOUNCE: strongswan-4.4.1 released Source: SUSE Type: SUSE-SR:2010:015 SUSE Security Summary Report | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| Oval Definitions | |||||||||||||
| |||||||||||||
| BACK | |||||||||||||