We have been informed about a security vulnerability in strongSwan. If the strongSwan "gmp" plugin is used for RSA signature verification, an empty or zeroed signature is handled as a legitimate one. CVE-2012-2388 has been reserved for this vulnerability.
To exploit the vulnerability, a connection definition using RSA authentication is required. An attacker presenting a forged signature and/or certificate can authenticate as any legitimate user. strongSwan version back to 4.2.0 and up to 4.6.3 are affected, using both IKEv1 and IKEv2. Injecting code is not possible by such an attack. The patch at [1] fixes the vulnerability and should apply to all affected versions. Please update your installations as soon as possible. strongSwan 4.6.4 including the fix is available at [2], the release announcement will follow soon. Our apologies for having such a serious vulnerability in the strongSwan codebase. Kind Regards Martin [1]http://download.strongswan.org/patches/09_gmp_rsa_signature_patch/strongswan-4.2.0-4.6.3_gmp_rsa_signature.patch [2]http://download.strongswan.org/strongswan-4.6.4.tar.bz2 _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
