Vulnerability Description
The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitrary users and bypass access restrictions via a crafted ID_DER_ASN1_DN ID, related to an "insufficient length check" during identity comparison.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Strongswan | Strongswan | 4.3.3 |
Related Weaknesses (CWE)
References
- http://download.strongswan.org/security/CVE-2013-6075/strongswan-4.3.3-5.1.0_id_Patch
- http://www.debian.org/security/2012/dsa-2789
- http://www.strongswan.org/blog/2013/11/01/strongswan-denial-of-service-vulnerabiPatchVendor Advisory
- http://download.strongswan.org/security/CVE-2013-6075/strongswan-4.3.3-5.1.0_id_Patch
- http://www.debian.org/security/2012/dsa-2789
- http://www.strongswan.org/blog/2013/11/01/strongswan-denial-of-service-vulnerabiPatchVendor Advisory
FAQ
What is CVE-2013-6075?
CVE-2013-6075 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon c...
How severe is CVE-2013-6075?
CVE-2013-6075 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-6075?
Check the references section above for vendor advisories and patch information. Affected products include: Strongswan Strongswan.