Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2018-5388
HistoryMay 31, 2018 - 12:00 a.m.

CVE-2018-5388

2018-05-3100:00:00
ubuntu.com
ubuntu.com
7

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.006 Low

EPSS

Percentile

77.9%

JSON

In stroke_socket.c in strongSwan before 5.6.3, a missing packet length
check could allow a buffer underflow, which may lead to resource exhaustion
and denial of service while reading from the socket.

Notes

Author Note
mdeslaur root needed to access socket, only DoS
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchstrongswan< 5.6.2-1ubuntu2.2UNKNOWN
ubuntu14.04noarchstrongswan< 5.1.2-0ubuntu2.10UNKNOWN
ubuntu16.04noarchstrongswan< 5.3.5-1ubuntu3.7UNKNOWN

Related

openvas 16
redhatcve 1
cve 1
nessus 21
archlinux 1
alpinelinux 1
osv 2
nvd 1
cert 1
prion 1
cvelist 1
fedora 5
debiancve 1
photon 4
debian 1
freebsd 1
ubuntu 1
suse 3
gentoo 1
openvas
openvas
Fedora Update for strongswan FEDORA-2018-bab8cabe2a
2018-06-03 00:00:00
Fedora Update for strongswan FEDORA-2018-3731a89e20
2018-05-28 00:00:00
Huawei EulerOS: Security Advisory for strongimcv (EulerOS-SA-2020-1134)
2020-02-24 00:00:00
redhatcve
redhatcve
CVE-2018-5388
2018-05-23 20:19:31
cve
cve
CVE-2018-5388
2018-05-31 13:29:00
nessus
nessus
Fedora 27 : strongswan (2018-bab8cabe2a)
2018-06-04 00:00:00
Photon OS 1.0: Strongswan PHSA-2018-1.0-0164
2019-02-07 00:00:00
Fedora 28 : strongswan (2018-3731a89e20)
2019-01-03 00:00:00
archlinux
archlinux
[ASA-201805-26] strongswan: denial of service
2018-05-26 00:00:00
alpinelinux
alpinelinux
CVE-2018-5388
2018-05-31 13:29:00
osv
osv
CVE-2018-5388
2018-05-31 13:29:00
strongswan - security update
2018-06-14 00:00:00
nvd
nvd
CVE-2018-5388
2018-05-31 13:29:00
cert
cert
strongSwan VPN charon server vulnerable to buffer underflow
2018-05-23 00:00:00
prion
prion
Buffer overflow
2018-05-31 13:29:00
cvelist
cvelist
CVE-2018-5388
2018-05-31 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: strongswan-5.6.2-6.fc28
2018-05-27 19:33:23
[SECURITY] Fedora 27 Update: strongswan-5.6.2-6.fc27
2018-06-02 21:13:47
[SECURITY] Fedora 28 Update: strongswan-5.6.3-1.fc28
2018-06-15 15:52:21
debiancve
debiancve
CVE-2018-5388
2018-05-31 13:29:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0164
2018-07-20 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0075
2018-07-20 00:00:00
Moderate Photon OS Security Update - PHSA-2018-0075
2018-07-20 00:00:00
debian
debian
[SECURITY] [DSA 4229-1] strongswan security update
2018-06-16 09:14:19
freebsd
freebsd
strongswan -- Fix Denial-of-Service Vulnerability strongSwan (CVE-2018-10811, CVE-2018-5388)
2018-05-16 00:00:00
ubuntu
ubuntu
strongSwan vulnerabilities
2018-09-25 00:00:00
suse
suse
Security update for strongswan (important)
2019-11-30 00:00:00
Security update for strongswan (important)
2019-12-01 00:00:00
Security update for strongswan (moderate)
2020-03-29 00:00:00
gentoo
gentoo
strongSwan: Multiple vulnerabilities
2018-11-26 00:00:00

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.006 Low

EPSS

Percentile

77.9%

JSON
Related for UB:CVE-2018-5388
openvas16redhatcve1cve1nessus21archlinux1alpinelinux1osv2nvd1cert1prion1cvelist1fedora5debiancve1photon4debian1freebsd1ubuntu1suse3gentoo1