CVE-2013-2944

EPSS 0.32%

strongswan - authentication bypass

發布日:2013/5/2修改日:2026/4/28

描述

strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.

受影響套件(2)

Debian/strongswanfrom 0, < 4.6.4-7
Debian/strongswanfrom 0, < 4.4.1-5.3

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-2944