Refine your search
6 vulnerabilities found for by StrongSwan
CVE-2026-25075 (GCVE-0-2026-25075)
Vulnerability from cvelistv5
Published
2026-03-23 18:33
Modified
2026-03-27 19:17
Severity ?
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
VLAI Severity ?
EPSS score ?
Summary
strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the failure to validate AVP length fields before subtraction to trigger excessive memory allocation or NULL pointer dereference, crashing the charon IKE daemon.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| strongSwan | strongSwan |
Version: 4.5.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25075",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T14:29:53.640147Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T14:31:31.421Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-03-27T19:17:30.660Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2026/03/msg00016.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "strongSwan",
"repo": "https://github.com/strongswan/strongswan",
"vendor": "strongSwan",
"versions": [
{
"lessThan": "6.0.5",
"status": "affected",
"version": "4.5.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc."
},
{
"lang": "en",
"type": "coordinator",
"value": "VulnCheck"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the failure to validate AVP length fields before subtraction to trigger excessive memory allocation or NULL pointer dereference, crashing the charon IKE daemon.\u003cbr\u003e"
}
],
"value": "strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the failure to validate AVP length fields before subtraction to trigger excessive memory allocation or NULL pointer dereference, crashing the charon IKE daemon."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191 Integer underflow (wrap or wraparound)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL pointer dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T19:16:09.076Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"exploit"
],
"url": "https://www.strongswan.org/blog/2026/03/23/strongswan-vulnerability-(cve-2026-25075).html"
},
{
"tags": [
"release-notes"
],
"url": "https://www.strongswan.org/blog/2026/03/23/strongswan-6.0.5-released.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/strongswan-eap-ttls-avp-parsing-integer-underflow"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "strongSwan 4.5.0 \u003c 6.0.5 EAP-TTLS AVP Parsing Integer Underflow",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-25075",
"datePublished": "2026-03-23T18:33:10.952Z",
"dateReserved": "2026-01-28T21:47:35.121Z",
"dateUpdated": "2026-03-27T19:17:30.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25998 (GCVE-0-2026-25998)
Vulnerability from cvelistv5
Published
2026-02-19 15:51
Modified
2026-02-20 15:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
strongMan is a management interface for strongSwan, an OpenSource IPsec-based VPN. When storing credentials in the database (private keys, EAP secrets), strongMan encrypts the corresponding database fields. So far it used AES in CTR mode with a global database key. Together with an initialization vector (IV), a key stream is generated to encrypt the data in the database fields. But because strongMan did not generate individual IVs, every database field was encrypted using the same key stream. An attacker that has access to the database can use this to recover the encrypted credentials. In particular, because certificates, which have to be considered public information, are also encrypted using the same mechanism, an attacker can directly recover a large chunk of the key stream, which allows them to decrypt basically all other secrets especially ECDSA private keys and EAP secrets, which are usually a lot shorter. Version 0.2.0 fixes the issue by switching to AES-GCM-SIV encryption with a random nonce and an individually derived encryption key, using HKDF, for each encrypted value. Database migrations are provided to automatically re-encrypt all credentials.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| strongswan | strongMan |
Version: < 0.2.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25998",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-20T15:32:21.931190Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T15:42:52.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "strongMan",
"vendor": "strongswan",
"versions": [
{
"status": "affected",
"version": "\u003c 0.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "strongMan is a management interface for strongSwan, an OpenSource IPsec-based VPN. When storing credentials in the database (private keys, EAP secrets), strongMan encrypts the corresponding database fields. So far it used AES in CTR mode with a global database key. Together with an initialization vector (IV), a key stream is generated to encrypt the data in the database fields. But because strongMan did not generate individual IVs, every database field was encrypted using the same key stream. An attacker that has access to the database can use this to recover the encrypted credentials. In particular, because certificates, which have to be considered public information, are also encrypted using the same mechanism, an attacker can directly recover a large chunk of the key stream, which allows them to decrypt basically all other secrets especially ECDSA private keys and EAP secrets, which are usually a lot shorter. Version 0.2.0 fixes the issue by switching to AES-GCM-SIV encryption with a random nonce and an individually derived encryption key, using HKDF, for each encrypted value. Database migrations are provided to automatically re-encrypt all credentials."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-323",
"description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1204",
"description": "CWE-1204: Generation of Weak Initialization Vector (IV)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-19T15:53:30.113Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/strongswan/strongMan/security/advisories/GHSA-88w4-jv97-c8xr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/strongswan/strongMan/security/advisories/GHSA-88w4-jv97-c8xr"
}
],
"source": {
"advisory": "GHSA-88w4-jv97-c8xr",
"discovery": "UNKNOWN"
},
"title": "strongMan vulnerable to private credential recovery due to key and counter reuse"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-25998",
"datePublished": "2026-02-19T15:51:35.349Z",
"dateReserved": "2026-02-09T17:41:55.859Z",
"dateUpdated": "2026-02-20T15:42:52.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-62291 (GCVE-0-2025-62291)
Vulnerability from cvelistv5
Published
2026-01-16 00:00
Modified
2026-01-16 19:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Summary
In the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| strongSwan | strongSwan |
Version: 4.2.12 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-62291",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-16T18:50:33.538280Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T18:51:12.740Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-01-16T19:07:43.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/11/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "strongSwan",
"vendor": "strongSwan",
"versions": [
{
"lessThan": "6.0.3",
"status": "affected",
"version": "4.2.12",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.3",
"versionStartIncluding": "4.2.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191 Integer Underflow (Wrap or Wraparound)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T18:23:50.089Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/strongswan/strongswan/releases"
},
{
"url": "https://github.com/strongswan/strongswan/commits/master/src/libcharon/plugins/eap_mschapv2"
},
{
"url": "https://www.strongswan.org/blog/2025/10/27/strongswan-vulnerability-%28cve-2025-62291%29.html"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-62291",
"datePublished": "2026-01-16T00:00:00.000Z",
"dateReserved": "2025-10-10T00:00:00.000Z",
"dateUpdated": "2026-01-16T19:07:43.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-4967 (GCVE-0-2022-4967)
Vulnerability from cvelistv5
Published
2024-05-13 12:09
Modified
2025-02-13 16:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (CWE-297). When certificates are used to authenticate clients in TLS-based EAP methods, the IKE or EAP identity supplied by a client is not enforced to be contained in the client's certificate. So clients can authenticate with any trusted certificate and claim an arbitrary IKE/EAP identity as their own. This is problematic if the identity is used to make policy decisions. A fix was released in strongSwan version 5.9.6 in August 2022 (e4b4aabc4996fc61c37deab7858d07bc4d220136).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| strongSwan | strongSwan |
Version: 5.9.2 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4967",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-17T13:10:42.421746Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:16:33.158Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:46.125Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/strongswan/strongswan/commit/e4b4aabc4996fc61c37deab7858d07bc4d220136"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.strongswan.org/blog/2024/05/13/strongswan-vulnerability-(cve-2022-4967).html"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4967"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240614-0006/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"packageName": "strongswan",
"platforms": [
"Linux"
],
"product": "strongSwan",
"repo": "https://github.com/strongswan/strongswan",
"vendor": "strongSwan",
"versions": [
{
"lessThan": "5.9.6",
"status": "affected",
"version": "5.9.2",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Jan Schermer"
}
],
"descriptions": [
{
"lang": "en",
"value": "strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (CWE-297). When certificates are used to authenticate clients in TLS-based EAP methods, the IKE or EAP identity supplied by a client is not enforced to be contained in the client\u0027s certificate. So clients can authenticate with any trusted certificate and claim an arbitrary IKE/EAP identity as their own. This is problematic if the identity is used to make policy decisions. A fix was released in strongSwan version 5.9.6 in August 2022 (e4b4aabc4996fc61c37deab7858d07bc4d220136)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-297",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T13:06:08.293Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/strongswan/strongswan/commit/e4b4aabc4996fc61c37deab7858d07bc4d220136"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.strongswan.org/blog/2024/05/13/strongswan-vulnerability-(cve-2022-4967).html"
},
{
"tags": [
"issue-tracking"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4967"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240614-0006/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2022-4967",
"datePublished": "2024-05-13T12:09:19.104Z",
"dateReserved": "2024-04-19T18:02:23.578Z",
"dateUpdated": "2025-02-13T16:38:39.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-5389 (GCVE-0-2018-5389)
Vulnerability from cvelistv5
Published
2018-09-06 21:00
Modified
2024-08-05 05:33
Severity ?
VLAI Severity ?
EPSS score ?
Summary
The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode, however, only an online attack against PSK authentication was thought to be feasible. This vulnerability could allow an attacker to recover a weak Pre-Shared Key or enable the impersonation of a victim host or network.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| strongSwan | Strongswan |
Version: 5.5.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:33:44.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-felsch.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/857035"
},
{
"tags": [
"x_transferred"
],
"url": "https://web-in-security.blogspot.com/2018/08/practical-dictionary-attack-on-ipsec-ike.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://blogs.cisco.com/security/great-cipher-but-where-did-you-get-that-key"
},
{
"tags": [
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K42378447"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Strongswan",
"vendor": "strongSwan",
"versions": [
{
"status": "affected",
"version": "5.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode, however, only an online attack against PSK authentication was thought to be feasible. This vulnerability could allow an attacker to recover a weak Pre-Shared Key or enable the impersonation of a victim host or network."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-521 Weak Password Requirements",
"lang": "en"
}
]
},
{
"descriptions": [
{
"description": "CWE-323 Reusing a Nonce, Key Pair in Encryption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T19:08:15.699Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-felsch.pdf"
},
{
"url": "https://www.kb.cert.org/vuls/id/857035"
},
{
"url": "https://web-in-security.blogspot.com/2018/08/practical-dictionary-attack-on-ipsec-ike.html"
},
{
"url": "https://blogs.cisco.com/security/great-cipher-but-where-did-you-get-that-key"
},
{
"url": "https://my.f5.com/manage/s/article/K42378447"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2018-5389",
"x_generator": {
"engine": "VINCE 3.0.4",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2018-5389"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2018-5389",
"datePublished": "2018-09-06T21:00:00.000Z",
"dateReserved": "2018-01-12T00:00:00.000Z",
"dateUpdated": "2024-08-05T05:33:44.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-5388 (GCVE-0-2018-5388)
Vulnerability from cvelistv5
Published
2018-05-31 00:00
Modified
2024-08-05 05:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| strongSwan | strongSwan |
Version: 5.6.3 < 5.6.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:33:44.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#338343",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/338343"
},
{
"name": "GLSA-201811-16",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201811-16"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.strongswan.org/?p=strongswan.git%3Ba=commitdiff%3Bh=0acd1ab4"
},
{
"name": "104263",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104263"
},
{
"name": "USN-3771-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3771-1/"
},
{
"name": "DSA-4229",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4229"
},
{
"name": "openSUSE-SU-2019:2594",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00077.html"
},
{
"name": "openSUSE-SU-2019:2598",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00001.html"
},
{
"name": "openSUSE-SU-2020:0403",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00047.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/172833/strongSwan-VPN-Charon-Server-Buffer-Overflow.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "strongSwan",
"vendor": "strongSwan",
"versions": [
{
"lessThan": "5.6.3",
"status": "affected",
"version": "5.6.3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Kevin Backhouse for reporting this vulnerability."
}
],
"datePublic": "2018-05-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-124",
"description": "CWE-124",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-12T00:00:00.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#338343",
"tags": [
"third-party-advisory"
],
"url": "http://www.kb.cert.org/vuls/id/338343"
},
{
"name": "GLSA-201811-16",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/201811-16"
},
{
"url": "https://git.strongswan.org/?p=strongswan.git%3Ba=commitdiff%3Bh=0acd1ab4"
},
{
"name": "104263",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/104263"
},
{
"name": "USN-3771-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/3771-1/"
},
{
"name": "DSA-4229",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4229"
},
{
"name": "openSUSE-SU-2019:2594",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00077.html"
},
{
"name": "openSUSE-SU-2019:2598",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00001.html"
},
{
"name": "openSUSE-SU-2020:0403",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00047.html"
},
{
"url": "http://packetstormsecurity.com/files/172833/strongSwan-VPN-Charon-Server-Buffer-Overflow.html"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2018-5388",
"datePublished": "2018-05-31T00:00:00.000Z",
"dateReserved": "2018-01-12T00:00:00.000Z",
"dateUpdated": "2024-08-05T05:33:44.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}