strongswan

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description open source IPsec implementation
Version 5.6.3-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-710 5.6.2-1 5.6.2-2 Low Fixed FS#58719
AVG-625 5.6.1-1 5.6.2-1 Medium Fixed FS#57597
AVG-382 5.5.3-3 5.5.3-4 Low Fixed
Issue Group Severity Remote Type Description
CVE-2018-6459 AVG-625 Medium Yes Denial of service
The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c before strongSwan 5.6.2 allows remote attackers to cause a denial of...
CVE-2018-5388 AVG-710 Low No Denial of service
strongSwan VPN's charon server prior to version 5.6.3 is missing a packet length check in stroke_socket.c, allowing a buffer overflow which may lead to...
CVE-2017-11185 AVG-382 Low Yes Denial of service
Fixed a DoS vulnerability in the gmp plugin that was caused by insufficient input validation when verifying RSA signatures, which requires decryption with...

Advisories

Date Advisory Group Severity Description
26 May 2018 ASA-201805-26 AVG-710 Low denial of service
21 Feb 2018 ASA-201802-10 AVG-625 Medium denial of service
14 Aug 2017 ASA-201708-13 AVG-382 Low denial of service