Vulnerability Details CVE-2010-2628
The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers buffer overflows.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.057
EPSS Ranking 89.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.3_snprintf.patch
- http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.4_snprintf.patch
- http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.5_snprintf.patch
- http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.6_snprintf.patch
- http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.4.0_snprintf.patch
- http://lists.opensuse.org/opensuse-updates/2010-08/msg00026.html
- http://secunia.com/advisories/40956
- http://trac.strongswan.org/projects/strongswan/wiki/441
- http://www.securityfocus.com/bid/42444
- http://www.securitytracker.com/id?1024338
- http://www.vupen.com/english/advisories/2010/2085
- http://www.vupen.com/english/advisories/2010/2086
- https://bugzilla.novell.com/615915
- https://lists.strongswan.org/pipermail/users/2010-August/005167.html
- http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.3_snprintf.patch
- http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.4_snprintf.patch
- http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.5_snprintf.patch
- http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.6_snprintf.patch
- http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.4.0_snprintf.patch
- http://lists.opensuse.org/opensuse-updates/2010-08/msg00026.html
- http://secunia.com/advisories/40956
- http://trac.strongswan.org/projects/strongswan/wiki/441
- http://www.securityfocus.com/bid/42444
- http://www.securitytracker.com/id?1024338
- http://www.vupen.com/english/advisories/2010/2085
- http://www.vupen.com/english/advisories/2010/2086
- https://bugzilla.novell.com/615915
- https://lists.strongswan.org/pipermail/users/2010-August/005167.html
Products affected by CVE-2010-2628
-
cpe:2.3:a:strongswan:strongswan:4.3.0
-
cpe:2.3:a:strongswan:strongswan:4.3.1
-
cpe:2.3:a:strongswan:strongswan:4.3.2
-
cpe:2.3:a:strongswan:strongswan:4.3.3
-
cpe:2.3:a:strongswan:strongswan:4.3.4
-
cpe:2.3:a:strongswan:strongswan:4.3.5
-
cpe:2.3:a:strongswan:strongswan:4.3.6
-
cpe:2.3:a:strongswan:strongswan:4.4.0