Skip to main content

Strongswan CVE-2013-5018

MEDIUM
Buffer Overflow (CWE-119)
2013-08-28 cve@mitre.org
4.3
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:N/C:N/I:N/A:P
Attack Vector
Network
Attack Complexity
M
Confidentiality
None
Integrity
None
Availability
P

Lifecycle Timeline

1
CVE Published
Aug 28, 2013 - 23:55 cve.org
MEDIUM 4.3

DescriptionCVE.org

The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identity, or (3) PEM encoded file that starts with a 0x04, 0x30, or 0x31 character followed by an ASN.1 length value that triggers an integer overflow.

AnalysisAI

The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identity, or (3) PEM encoded file that starts with a 0x04, 0x30, or 0x31 character followed by an ASN.1 length value that triggers an integer overflow. Affected products include: Strongswan, Opensuse. Version information: through 5.0.4.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2026-25075 HIGH POC
8.7 Mar 23

Unauthenticated remote attackers can crash strongSwan versions 4.5.0 through 6.0.4 via integer underflow in the EAP-TTLS

CVE-2015-3991 CRITICAL
9.8 Sep 07

strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code

CVE-2023-41913 CRITICAL
9.8 Dec 07

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value

CVE-2023-26463 CRITICAL
9.8 Apr 15

strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two di

CVE-2017-9022 HIGH
7.5 Jun 08

The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which

CVE-2017-9023 HIGH
7.5 Jun 08

The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allow

CVE-2017-11185 HIGH
7.5 Aug 18

The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference

CVE-2012-2388 HIGH
7.5 Jun 27

The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2)

CVE-2022-40617 HIGH
7.5 Oct 31

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a craft

CVE-2021-41991 HIGH
7.5 Oct 18

The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests wi

CVE-2021-41990 HIGH
7.5 Oct 18

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS sig

CVE-2018-17540 HIGH
7.5 Oct 03

The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate. Rated high severity (CVSS 7.5

Share

CVE-2013-5018 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy