Skip to main content

Strongswan CVE-2018-17540

HIGH
Buffer Overflow (CWE-119)
2018-10-03 cve@mitre.org
7.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Oct 03, 2018 - 20:29 nvd
HIGH 7.5

DescriptionNVD

The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate.

AnalysisAI

The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate. Affected products include: Strongswan, Debian Debian Linux, Canonical Ubuntu Linux. Version information: before 5.7.1.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2026-25075 HIGH POC
8.7 Mar 23

Unauthenticated remote attackers can crash strongSwan versions 4.5.0 through 6.0.4 via integer underflow in the EAP-TTLS

CVE-2015-3991 CRITICAL
9.8 Sep 07

strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code

CVE-2023-41913 CRITICAL
9.8 Dec 07

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value

CVE-2023-26463 CRITICAL
9.8 Apr 15

strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two di

CVE-2013-5018 MEDIUM POC
4.3 Aug 28

The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length f

CVE-2017-9022 HIGH
7.5 Jun 08

The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which

CVE-2017-9023 HIGH
7.5 Jun 08

The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allow

CVE-2017-11185 HIGH
7.5 Aug 18

The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference

CVE-2012-2388 HIGH
7.5 Jun 27

The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2)

CVE-2022-40617 HIGH
7.5 Oct 31

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a craft

CVE-2021-41991 HIGH
7.5 Oct 18

The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests wi

CVE-2021-41990 HIGH
7.5 Oct 18

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS sig

Share

CVE-2018-17540 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy