Описание
The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-2388
- https://exchange.xforce.ibmcloud.com/vulnerabilities/76013
- http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00002.html
- http://osvdb.org/82587
- http://secunia.com/advisories/49315
- http://secunia.com/advisories/49336
- http://secunia.com/advisories/49370
- http://secunia.com/advisories/55051
- http://www.debian.org/security/2012/dsa-2483
- http://www.securityfocus.com/bid/53752
- http://www.securitytracker.com/id?1027110
- http://www.strongswan.org/blog/2012/05/31/strongswan-4.6.4-released-%28cve-2012-2388%29.html
Связанные уязвимости
The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attacke ...
Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации