ID CVE-2017-11185
Summary The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.
References
Vulnerable Configurations
  • strongSwan 5.5.3
    cpe:2.3:a:strongswan:strongswan:5.5.3
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-476
CAPEC
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-1059.NASL
    description It was discovered that there was a denial of service vulnerability in the Strongswan Virtual Private Network (VPN) software. Specific RSA signatures passed to the gmp plugin for verification could cause a NULL pointer dereference. Potential triggers are signatures in certificates, but also signatures used during IKE authentication. For more details, please see : For Debian 7 'Wheezy', this issue has been fixed in strongswan version 4.5.2-1.5+deb7u10. We recommend that you upgrade your strongswan packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2018-07-09
    plugin id 102594
    published 2017-08-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102594
    title Debian DLA-1059-1 : strongswan security update
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3962.NASL
    description A denial of service vulnerability was identified in strongSwan, an IKE/IPsec suite, using Google's OSS-Fuzz fuzzing project. The gmp plugin in strongSwan had insufficient input validation when verifying RSA signatures. This coding error could lead to a NULL pointer dereference, leading to process crash.
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 102929
    published 2017-09-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102929
    title Debian DSA-3962-1 : strongswan - security update
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2017-0040.NASL
    description An update of [openjdk,openjre,bash,libtar,glibc,libgcrypt,strongswan,unzip] packages for PhotonOS has been released.
    last seen 2018-09-01
    modified 2018-08-17
    plugin id 111889
    published 2018-08-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111889
    title Photon OS 1.0: Bash / Glibc / Libgcrypt / Libtar / Openjdk / Openjre / Strongswan / Unzip PHSA-2017-0040
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3397-1.NASL
    description It was discovered that strongSwan incorrectly handled verifying specific RSA signatures. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-12-02
    modified 2018-12-01
    plugin id 102678
    published 2017-08-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102678
    title Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : strongswan vulnerability (USN-3397-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-2143-1.NASL
    description This update for strongswan fixes the following issues : - CVE-2017-11185: Specific RSA signatures passed to the gmp plugin for verification can cause a NULL pointer dereference and it may lead to a denial of service (bsc#1051222) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-12-02
    modified 2018-11-30
    plugin id 102476
    published 2017-08-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102476
    title SUSE SLED12 / SLES12 Security Update : strongswan (SUSE-SU-2017:2143-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-2293-1.NASL
    description This update for strongswan fixes the following issues : - CVE-2017-11185: Specific RSA signatures passed to the gmp plugin for verification can cause a NULL pointer dereference and it may lead to a denial of service (bsc#1051222) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-12-02
    modified 2018-11-30
    plugin id 102840
    published 2017-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102840
    title SUSE SLES11 Security Update : strongswan (SUSE-SU-2017:2293-1)
refmap via4
bid 100492
confirm https://www.strongswan.org/blog/2017/08/14/strongswan-vulnerability-(cve-2017-11185).html
debian DSA-3962
Last major update 18-08-2017 - 13:29
Published 18-08-2017 - 13:29
Last modified 13-08-2018 - 17:47