IKE: strongSwan Certificate and Identification Payload Parsing Buffer Overflow

A code execution vulnerability exists in strongSwan. The vulnerability is due to improper use of snprintf() when parsing certificates and Identification payloads. Remote attackers could exploit this vulnerability via a specially crafted certificate or Identification payload. Successful exploitation would allow injection and execution of arbitrary code in the context of the root user. Unsuccessful code injection attempts would cause termination of the pluto IKE daemon, resulting in a denial-of-service condition.

Extended Description

The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers buffer overflows.
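
The unchecked-return-value pattern described above, shown as an added example that is not strongSwan's code: snprintf() returns the length the output would have had, so an offset advanced by that value can move past the end of the buffer after a single truncated write. The function names, the 16-byte buffer and the field values are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Pitfall: snprintf() returns the length the output WOULD have had, not the
 * number of bytes stored. This single call is still bounded, but the offset
 * it produces is not. */
size_t offset_after_unchecked_write(char *buf, size_t size, const char *field)
{
    size_t pos = 0;
    pos += (size_t)snprintf(buf + pos, size - pos, "CN=%s", field);
    return pos; /* may exceed size; (size - pos) then wraps to a huge value */
}

/* Hardened append: checks every return value and never advances the offset
 * beyond the space that remains. Returns 0 on success, -1 on error or
 * truncation (the partial field is discarded, buffer stays NUL-terminated). */
int append_checked(char *buf, size_t size, size_t *pos, const char *label,
                   const char *field)
{
    if (*pos >= size)
        return -1;
    size_t remaining = size - *pos;
    int n = snprintf(buf + *pos, remaining, "%s=%s", label, field);
    if (n < 0 || (size_t)n >= remaining) {
        buf[*pos] = '\0';
        return -1;
    }
    *pos += (size_t)n;
    return 0;
}

int main(void)
{
    char buf[16];
    const char *long_field = "constructed-oversized-common-name"; /* constructed */

    size_t pos = offset_after_unchecked_write(buf, sizeof buf, long_field);
    printf("unchecked offset %zu in a %zu-byte buffer, next size argument %zu\n",
           pos, sizeof buf, sizeof buf - pos);

    pos = 0;
    int first = append_checked(buf, sizeof buf, &pos, "C", "CH");
    int second = append_checked(buf, sizeof buf, &pos, ", CN", long_field);
    printf("checked: %d %d \"%s\" offset %zu\n", first, second, buf, pos);
    return 0;
}
```
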

Affected Products

Strongswan strongswan

References

CVE: CVE-2010-2628

Short Name
IKE:STRONGSWAN-CERTIFICATE-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
IKE
Keywords
Buffer CVE-2010-2628 Certificate Identification Overflow Parsing Payload and strongSwan
Release Date
01/08/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Strongswan

CVSS Score

7.5
