Lucene search
Veracode Vulnerability DatabaseVERACODE:37441HistoryOct 07, 2022 - 10:40 a.m.
Denial Of Service (DoS)
2022-10-0710:40:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.002 Low
EPSS
Percentile
55.1%
strongSwan is vulnerable to denial of service. The vulnerability exists because strongSwan incorrectly handles certain OCSP URIs and CRL distribution points (CDP) in certificates which allows a remote attacker to initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control which leads to an application crash.
References
git://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2022-40617
lists.fedoraproject.org/archives/list/[email protected]/message/J3GAYIOCSLU57C45CO4UE4IV4JZE4W3L/
www.rapid7.com/db/vulnerabilities/ubuntu-cve-2022-40617/
www.strongswan.org/blog/2022/10/03/strongswan-vulnerability-(cve-2022-40617).html
Related
ubuntu
ubuntu
strongSwan vulnerability
2022-10-03 00:00:00
strongSwan vulnerability
2022-10-03 00:00:00
nessus
nessus
Debian DSA-5249-1 : strongswan - security update
2022-10-07 00:00:00
FreeBSD : strongswan -- DOS attack vulnerability (0ae56f3e-488c-11ed-bb31-b42e99a1b9c3)
2022-10-10 00:00:00
SUSE SLED15 / SLES15 Security Update : strongswan (SUSE-SU-2022:4197-1)
2022-11-24 00:00:00
osv
osv
strongswan - security update
2022-10-06 00:00:00
CVE-2022-40617
2022-10-31 06:15:09
strongswan vulnerability
2022-10-03 17:35:02
cbl_mariner
cbl_mariner
CVE-2022-40617 affecting package strongswan 5.7.2-5
2023-03-02 04:18:33
CVE-2022-40617 affecting package strongswan for versions less than 5.9.8-1
2023-01-03 20:57:25
openvas
openvas
Ubuntu: Security Advisory (USN-5651-2)
2022-10-04 00:00:00
Fedora: Security Advisory for strongswan (FEDORA-2022-525510c815)
2022-11-11 00:00:00
Debian: Security Advisory (DLA-3143-1)
2022-10-12 00:00:00
debian
debian
[SECURITY] [DSA 5249-1] strongswan security update
2022-10-06 16:07:36
[SECURITY] [DLA 3143-1] strongswan security update
2022-10-10 20:00:12
prion
prion
Code injection
2022-10-31 06:15:00
ubuntucve
ubuntucve
CVE-2022-40617
2022-10-03 00:00:00
cve
cve
CVE-2022-40617
2022-10-31 06:15:09
freebsd
freebsd
strongswan -- DOS attack vulnerability
2022-10-03 00:00:00
cnvd
cnvd
strongSwan trust management issue vulnerability
2022-10-11 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: strongswan-5.9.8-1.fc36
2022-10-26 17:28:34
[SECURITY] Fedora 37 Update: strongswan-5.9.8-1.fc37
2022-11-10 22:48:00
alpinelinux
alpinelinux
CVE-2022-40617
2022-10-31 06:15:09
debiancve
debiancve
CVE-2022-40617
2022-10-31 06:15:09
cvelist
cvelist
CVE-2022-40617
2022-10-31 00:00:00
nvd
nvd
CVE-2022-40617
2022-10-31 06:15:09
photon
photon
Important Photon OS Security Update - PHSA-2022-0540
2022-11-11 00:00:00
Important Photon OS Security Update - PHSA-2022-0279
2022-11-10 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0279
2022-11-10 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2274
2023-10-22 06:24:16
gentoo
gentoo
strongSwan: Multiple Vulnerabilities
2024-05-04 00:00:00