CVE-2017-9023
08.06.2017, 16:29
The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| strongswan | strongswan | 𝑥 ≤ 5.5.2 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| strongswan |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| strongswan-doc |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| strongswan-hmac |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| strongswan-ipsec |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| strongswan-libs0 |
|
Common Weakness Enumeration
References