Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-41913

Опубликовано: 07 дек. 2023
Источник: debian
EPSS Низкий

Описание

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
strongswanfixed5.9.12-1package

Примечания

  • https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-(cve-2023-41913).html

  • Patches: https://download.strongswan.org/security/CVE-2023-41913/

EPSS

Процентиль: 90%
0.05743
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2023-41913

CVSS3: 9.8
ubuntu
почти 2 года назад

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message.

nvd логотип

CVE-2023-41913

CVSS3: 9.8
nvd
почти 2 года назад

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message.

msrc логотип

CVE-2023-41913

CVSS3: 9.8
msrc
почти 2 года назад

Описание отсутствует

suse-cvrf логотип

SUSE-SU-2023:4529-1

suse-cvrf
около 2 лет назад

Security update for strongswan

suse-cvrf логотип

SUSE-SU-2023:4516-1

suse-cvrf
около 2 лет назад

Security update for strongswan

EPSS

Процентиль: 90%
0.05743
Низкий