FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

strongswan -- buffer overflow

Affected packages
null < 5.9.12

Details

VuXML ID bbda3d16-968e-11ee-b780-b42e991fc52e
Discovery 2023-12-07
Entry 2023-12-09

cve@mitre.org reports:

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message.

[source]

References

CVE Name CVE-2023-41913
URL https://nvd.nist.gov/vuln/detail/CVE-2023-41913

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.