Main Vulnerability Database SB2018100206

SB2018100206 - Debian update for strongswan

Published: October 2, 2018 Updated: November 5, 2018

Security Bulletin ID SB2018100206

Severity

Medium

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2018-17540)

The vulnerability allows a remote attacker to perform denial of service attacks.

The vulnerability exists due to a boundary error when processing certificates within gmp plugin. A remote attacker can create a specially crafted certificate, pass it to the affected application and trigger application crash.

2) Improper Authentication (CVE-ID: CVE-2018-16151)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in RSA implementation based on GMP (verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c) within the gmp plugin that does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. A remote attacker can forge signatures when small public exponents are being used and impersonate the victim.

Successful exploitation of the vulnerability may allow an attacker to take full control over victim's session but requires that only an RSA signature is used for IKEv2 authentication.

Remediation

Install update from vendor's website.

References

https://www.debian.org/security/2018/dsa-4309