FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-06-17 17:36:43 UTC


k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID Description
0ae56f3e-488c-11ed-bb31-b42e99a1b9c3 strongswan -- DOS attack vulnerability

Lahav Schlesinger reported a bug related to online certificate revocation checking that can lead to a denial-of-service attack.


Discovery 2022-10-03
Entry 2022-10-10
strongswan
< 5.9.8

CVE-2022-40617
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-40617
10d14955-0e45-11e5-b6a8-002590263bf5 strongswan -- Information Leak Vulnerability

strongSwan Project reports:

An information leak vulnerability was fixed that, in certain IKEv2 setups, allowed rogue servers with a valid certificate accepted by the client to trick it into disclosing user credentials (even plain passwords if the client accepts EAP-GTC). This was caused because constraints against the server's authentication were enforced too late. All versions since 4.3.0 are affected.


Discovery 2015-06-08
Entry 2015-06-09
strongswan
ge 4.3.0 lt 5.3.2

CVE-2015-4171
http://www.strongswan.org/blog/2015/06/08/strongswan-5.3.2-released.html
3eb0ccc2-8c6a-11e5-8519-005056ac623e strongswan -- authentication bypass vulnerability in the eap-mschapv2 plugin

Strongswan Release Notes reports:

Fixed an authentication bypass vulnerability in the eap-mschapv2 plugin that was caused by insufficient verification of the internal state when handling MSCHAPv2 Success messages received by the client. This vulnerability has been registered as CVE-2015-8023.


Discovery 2015-11-16
Entry 2015-11-16
strongswan
< 5.3.4

CVE-2015-8023
https://github.com/strongswan/strongswan/commit/453e204ac40dfff2e0978e8f84a5f8ff0cbc45e2
3f9b6943-ba58-11ed-bbbd-00e0670f2660 strongSwan -- certificate verification vulnerability

strongSwan reports:

A vulnerability related to certificate verification in TLS-based EAP methods was discovered in strongSwan that results in a denial of service but possibly even remote code execution. Versions 5.9.8 and 5.9.9 may be affected.


Discovery 2023-03-02
Entry 2023-03-04
strongswan
ge 5.9.8 lt 5.9.9_2

CVE-2023-26463
https://www.strongswan.org/blog/2023/03/02/strongswan-vulnerability-(cve-2023-26463).html
55363e65-0e71-11e5-8027-00167671dd1d strongswan -- Denial-of-service and potential remote code execution vulnerability

StrongSwan Project reports:

A denial-of-service and potential remote code execution vulnerability triggered by crafted IKE messages was discovered in strongSwan. Versions 5.2.2 and 5.3.0 are affected.


Discovery 2015-05-15
Entry 2015-06-09
Modified 2015-09-28
strongswan
ge 5.2.2 lt 5.3.1

CVE-2015-3991
https://www.strongswan.org/blog/2015/06/01/strongswan-vulnerability-(cve-2015-3991).html
58528a94-5100-4208-a04d-edc01598cf01 strongswan - denial-of-service vulnerability in the gmp plugin/denial-of-service vulnerability in the in-memory certificate cache

Strongswan Release Notes reports:

Fixed a denial-of-service vulnerability in the gmp plugin that was caused by an integer overflow when processing RSASSA-PSS signatures with very large salt lengths. This vulnerability has been registered as CVE-2021-41990.

Fixed a denial-of-service vulnerability in the in-memory certificate cache if certificates are replaced and a very large random value caused an integer overflow. This vulnerability has been registered as CVE-2021-41991.


Discovery 2021-10-04
Entry 2022-01-25
strongswan
< 5.9.4

CVE-2021-41990
CVE-2021-41991
https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-(cve-2021-41990).html
https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-(cve-2021-41991).html
6a449a37-1570-11e8-8e00-000c294a5758 strongswan - Insufficient input validation in RSASSA-PSS signature parser

Strongswan Release Notes reports:

Fixed a DoS vulnerability in the parser for PKCS#1 RSASSA-PSS signatures that was caused by insufficient input validation. One of the configurable parameters in algorithm identifier structures for RSASSA-PSS signatures is the mask generation function (MGF). Only MGF1 is currently specified for this purpose. However, this in turn takes itself a parameter that specifies the underlying hash function. strongSwan's parser did not correctly handle the case of this parameter being absent, causing an undefined data read. This vulnerability has been registered as CVE-2018-6459.


Discovery 2018-01-31
Entry 2018-02-19
strongswan
eq 5.6.1

CVE-2018-6459
https://github.com/strongswan/strongswan/commit/40da179f28b768ffcf6ff7e2f68675eb44806668
6fb521b0-d388-11e3-a790-000c2980a9f3 strongswan -- Remote Authentication Bypass

strongSwan developers report:

Remote attackers are able to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.

Only installations that actively initiate or re-authenticate IKEv2 IKE_SAs are affected.


Discovery 2014-03-12
Entry 2014-05-04
strongswan
< 5.1.3

CVE-2014-2338
http://www.strongswan.org/blog/2014/04/14/strongswan-authentication-bypass-vulnerability-%28cve-2014-2338%29.html
6ff570cb-b418-11e2-b279-20cf30e32f6d strongSwan -- ECDSA signature verification issue

strongSwan security team reports:

If the openssl plugin is used for ECDSA signature verification an empty, zeroed or otherwise invalid signature is handled as a legitimate one. Both IKEv1 and IKEv2 are affected.

Affected are only installations that have enabled and loaded the OpenSSL crypto backend (--enable-openssl). Builds using the default crypto backends are not affected.


Discovery 2013-04-30
Entry 2013-05-03
strongswan
< 5.0.4

CVE-2013-2944
7fc3e827-64a5-11e8-aedb-00224d821998 strongswan -- Fix Denial-of-Service Vulnerability strongSwan (CVE-2018-10811, CVE-2018-5388)

strongSwan security team reports:

  • A denial-of-service vulnerability in the IKEv2 key derivation was fixed if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF (which is not FIPS-compliant). So this should only affect very specific setups, but in such configurations all strongSwan versions since 5.0.1 may be affected.
  • A denial-of-service vulnerability in the stroke plugin was fixed. When reading a message from the socket the plugin did not check the received length. Unless a group is configured, root privileges are required to access that socket, so in the default configuration this shouldn't be an issue, but all strongSwan versions may be affected.

Discovery 2018-05-16
Entry 2018-05-31
strongswan
< 5.6.3

https://www.strongswan.org/blog/2018/05/28/strongswan-vulnerability-(cve-2018-10811).html
CVE-2018-10811
https://www.strongswan.org/blog/2018/05/28/strongswan-vulnerability-(cve-2018-5388).html
CVE-2018-5388
a62c0c50-8aa0-11ee-ac0d-00e0670f2660 strongSwan -- vulnerability in charon-tkm

strongSwan reports:

A vulnerability in charon-tkm related to processing DH public values was discovered in strongSwan that can result in a buffer overflow and potentially remote code execution. All versions since 5.3.0 are affected.


Discovery 2023-11-20
Entry 2023-11-24
strongswan
ge 5.3.0 lt 5.9.11_3

CVE-2023-41913
https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-(cve-2023-41913).html
ccaea96b-7dcd-11ec-93df-00224d821998 strongswan - Incorrect Handling of Early EAP-Success Messages

Strongswan Release Notes reports:

Fixed a vulnerability in the EAP client implementation that was caused by incorrectly handling early EAP-Success messages. It may allow to bypass the client and in some scenarios even the server authentication, or could lead to a denial-of-service attack. This vulnerability has been registered as CVE-2021-45079.


Discovery 2021-12-16
Entry 2022-01-25
strongswan
< 5.9.5

CVE-2021-45079
https://www.strongswan.org/blog/2022/01/24/strongswan-vulnerability-(cve-2021-45079).html
e6ccaf8a-6c63-11e7-9b01-2047478f2f70 strongswan -- multiple vulnerabilities

strongSwan security team reports:

  • RSA public keys passed to the gmp plugin aren't validated sufficiently before attempting signature verification, so that invalid input might lead to a floating point exception. [CVE-2017-9022]
  • ASN.1 CHOICE types are not correctly handled by the ASN.1 parser when parsing X.509 certificates with extensions that use such types. This could lead to infinite looping of the thread parsing a specifically crafted certificate.

Discovery 2017-05-30
Entry 2017-07-19
strongswan
ge 4.4.0 le 5.5.2

https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9022).html
CVE-2017-9022
https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9023).html
CVE-2017-9023
efa663eb-8754-11e3-9a47-00163e1ed244 strongswan -- multiple DoS vulnerabilities

strongSwan Project reports:

A DoS vulnerability triggered by crafted IKEv1 fragmentation payloads was discovered in strongSwan's IKE daemon charon. All versions since 5.0.2 are affected.

A DoS vulnerability and potential authorization bypass triggered by a crafted ID_DER_ASN1_DN ID payload was discovered in strongSwan. All versions since 4.3.3 are affected.

A DoS vulnerability in strongSwan was discovered, which is triggered by XAuth usernames and EAP identities in versions 5.0.3 and 5.0.4.


Discovery 2013-11-01
Entry 2014-01-27
strongswan
< 5.1.1

CVE-2013-5018
CVE-2013-6075
CVE-2013-6076
http://www.strongswan.org/blog/2013/08/01/strongswan-denial-of-service-vulnerability-%28cve-2013-5018%29.html
http://www.strongswan.org/blog/2013/11/01/strongswan-denial-of-service-vulnerability-%28cve-2013-6075%29.html
http://www.strongswan.org/blog/2013/11/01/strongswan-denial-of-service-vulnerability-%28cve-2013-6076%29.html