CVE-2013-2944

EPSS 0.32%

strongswan - authentication bypass

Published: 5/2/2013Modified: 4/28/2026

Also known as:DEBIAN-CVE-2013-2944

Description

strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.

Affected packages (2)

Debian/strongswanfrom 0, < 4.6.4-7
Debian/strongswanfrom 0, < 4.4.1-5.3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-2944