RSA Vulnerability in strongSwan GMP Plugin Affects Multiple Versions
CVE-2018-16151

7.5HIGH

Key Information:

Vendor

Strongswan

Status
Strongswan
Vendor
CVE Published:
26 September 2018

What is CVE-2018-16151?

The strongSwan RSA implementation based on the GMP plugin exhibits a serious flaw in the verify_emsa_pkcs1_signature() function, allowing the acceptance of excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. This vulnerability permits a remote attacker, particularly when small public exponents are utilized, to forge signatures and potentially impersonate users during IKEv2 authentication. Users of strongSwan versions 4.x and 5.x prior to version 5.7.0 are at risk, emphasizing the importance of upgrading to secure their systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.debian.org/security/2018/dsa-4305
vendor-advisoryx_refsource_DEBIAN
https://security.gentoo.org/glsa/201811-16
vendor-advisoryx_refsource_GENTOO
https://www.strongswan.org/blog/2018/09/24/strongswan-vul...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.