CVE-2013-6075

2013-11-0218:55:03

Debian Security Bug Tracker

security-tracker.debian.org

cve-2013-6075

strongswan

remote code execution

user impersonation

insufficient length check

denial of service

access restrictions

identification function

daemon crash

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.007

Percentile

79.7%

JSON

The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitrary users and bypass access restrictions via a crafted ID_DER_ASN1_DN ID, related to an “insufficient length check” during identity comparison.

OSVersionArchitecturePackageVersionFilename
Debian12allstrongswan< 5.1.0-3strongswan_5.1.0-3_all.deb
Debian11allstrongswan< 5.1.0-3strongswan_5.1.0-3_all.deb
Debian999allstrongswan< 5.1.0-3strongswan_5.1.0-3_all.deb
Debian13allstrongswan< 5.1.0-3strongswan_5.1.0-3_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	strongswan	< 5.1.0-3	strongswan_5.1.0-3_all.deb
Debian	11	all	strongswan	< 5.1.0-3	strongswan_5.1.0-3_all.deb
Debian	999	all	strongswan	< 5.1.0-3	strongswan_5.1.0-3_all.deb
Debian	13	all	strongswan	< 5.1.0-3	strongswan_5.1.0-3_all.deb