CVE-2018-5388

Опубликовано: 31 мая 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00077.html
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00047.html
http://packetstormsecurity.com/files/172833/strongSwan-VPN-Charon-Server-Buffer-Overflow.html
http://www.kb.cert.org/vuls/id/338343
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/104263
Third Party Advisory
VDB Entry
https://git.strongswan.org/?p=strongswan.git%3Ba=commitdiff%3Bh=0acd1ab4
https://security.gentoo.org/glsa/201811-16
Third Party Advisory
https://usn.ubuntu.com/3771-1/
Third Party Advisory
https://www.debian.org/security/2018/dsa-4229
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00077.html
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00047.html
http://packetstormsecurity.com/files/172833/strongSwan-VPN-Charon-Server-Buffer-Overflow.html
http://www.kb.cert.org/vuls/id/338343
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/104263
Third Party Advisory
VDB Entry
https://git.strongswan.org/?p=strongswan.git%3Ba=commitdiff%3Bh=0acd1ab4
https://security.gentoo.org/glsa/201811-16
Third Party Advisory
https://usn.ubuntu.com/3771-1/
Third Party Advisory
https://www.debian.org/security/2018/dsa-4229
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*:*

Версия до 5.6.3 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

EPSS

Процентиль: 89%

0.04302

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-124

CWE-787

Связанные уязвимости

CVE-2018-5388

CVSS3: 6.5

ubuntu

больше 7 лет назад

In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.

CVE-2018-5388

CVSS3: 5.5

redhat

больше 7 лет назад

In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.

CVE-2018-5388

CVSS3: 6.5

debian

больше 7 лет назад

In stroke_socket.c in strongSwan before 5.6.3, a missing packet length ...

GHSA-fg62-299p-x79j

CVSS3: 6.5

github

больше 3 лет назад

In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.

BDU:2020-01850

CVSS3: 6.5

fstec

почти 8 лет назад

Уязвимость функции stroke_socket.c IPSEC демона strongSwan, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 89%

0.04302

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-124

CWE-787