Improper Authentication in strongSwan
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2013-2944 |
| CWE-ID | CWE-287 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
strongSwan Server applications / Encryption software |
| Vendor | strongswan.org |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Improper Authentication
EUVDB-ID: #VU42852
Risk: Low
CVSSv3.1: 2.3 [CVSS:3.1/AV:N/AC:L/PR:/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2013-2944
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to read and manipulate data.
strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.
MitigationInstall update from vendor's website.
Vulnerable software versionsstrongSwan: 4.3.5 - 5.0.2
External linkshttp://download.strongswan.org/patches/10_openssl_ecdsa_signature_patch/strongswan-4.3.5-5.0.3_openssl_ecdsa_signature.patch
http://lists.opensuse.org/opensuse-updates/2013-05/msg00014.html
http://lists.opensuse.org/opensuse-updates/2013-06/msg00010.html
http://lists.opensuse.org/opensuse-updates/2013-06/msg00121.html
http://www.debian.org/security/2013/dsa-2665
http://www.securityfocus.com/bid/59580
http://www.strongswan.org/blog/2013/04/30/strongswan-5.0.4-released-(cve-2013-2944).html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
