Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2013-6075

Опубликовано: 02 нояб. 2013
Источник: ubuntu
Приоритет: medium
CVSS2: 5

Описание

The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitrary users and bypass access restrictions via a crafted ID_DER_ASN1_DN ID, related to an "insufficient length check" during identity comparison.

РелизСтатусПримечание
devel

not-affected

5.1.2-0ubuntu1
esm-infra-legacy/trusty

not-affected

5.1.2-0ubuntu1
esm-infra/xenial

not-affected

5.1.2-0ubuntu1
lucid

ignored

end of life
precise

ignored

end of life
precise/esm

DNE

precise was needed
quantal

ignored

end of life
raring

ignored

end of life
saucy

ignored

end of life
trusty

not-affected

5.1.2-0ubuntu1

Показывать по

Ссылки на источники

5 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2013-6075

redhat
больше 12 лет назад

The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitrary users and bypass access restrictions via a crafted ID_DER_ASN1_DN ID, related to an "insufficient length check" during identity comparison.

nvd логотип

CVE-2013-6075

nvd
больше 12 лет назад

The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitrary users and bypass access restrictions via a crafted ID_DER_ASN1_DN ID, related to an "insufficient length check" during identity comparison.

debian логотип

CVE-2013-6075

debian
больше 12 лет назад

The compare_dn function in utils/identification.c in strongSwan 4.3.3 ...

github логотип

GHSA-pv47-47g7-w845

github
больше 3 лет назад

The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitrary users and bypass access restrictions via a crafted ID_DER_ASN1_DN ID, related to an "insufficient length check" during identity comparison.

5 Medium

CVSS2