strongSwan is prone to a buffer-underflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.
An attacker can exploit this issue to exhaust resources, resulting in a denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible, but this has not been confirmed.
Versions prior to strongSwan 5.6.3 are vulnerable.
Information
strongSwan strongSwan 5.6.1
strongSwan strongSwan 5.6
strongSwan strongSwan 5.5.3
strongSwan strongSwan 5.5.2
strongSwan strongSwan 5.5.1
strongSwan strongSwan 5.5
strongSwan strongSwan 5.4
strongSwan strongSwan 5.2.2
strongSwan strongSwan 5.2.1
strongSwan strongSwan 5.1.1
strongSwan strongSwan 5.1
strongSwan strongSwan 5.0.4
strongSwan strongSwan 5.0.3
strongSwan strongSwan 5.0.2
strongSwan strongSwan 5.0.1
strongSwan strongSwan 4.6.4
strongSwan strongSwan 4.4.1
strongSwan strongSwan 4.4
strongSwan strongSwan 4.3.7
strongSwan strongSwan 4.3.6
strongSwan strongSwan 4.3.5
strongSwan strongSwan 4.3.3
strongSwan strongSwan 4.3.2
strongSwan strongSwan 4.3.1
strongSwan strongSwan 4.3
strongSwan strongSwan 4.2.17
strongSwan strongSwan 4.2.16
strongSwan strongSwan 4.2.15
strongSwan strongSwan 4.2.14
strongSwan strongSwan 4.2.13
strongSwan strongSwan 4.2.12
strongSwan strongSwan 4.2.11
strongSwan strongSwan 4.2.7
strongSwan strongSwan 4.2.6
strongSwan strongSwan 4.1.10
strongSwan strongSwan 4.1.9
strongSwan strongSwan 4.1.8
strongSwan strongSwan 4.1
strongSwan strongSwan 2.8.11
strongSwan strongSwan 2.8.10
strongSwan strongSwan 2.8.9
strongSwan strongSwan 2.8.8
strongSwan strongSwan 2.6.21
strongSwan strongSwan 2.6.20
strongSwan strongSwan 2.6.16
strongSwan strongSwan 2.6.14
strongSwan strongSwan 2.5.6
strongSwan strongSwan 2.4 a
strongSwan strongSwan 2.1.3
strongSwan strongSwan 5.3.4
strongSwan strongSwan 5.3.3
strongSwan strongSwan 5.3.1
strongSwan strongSwan 5.3.0
strongSwan strongSwan 5.2.0
strongSwan strongSwan 5.1.3
strongSwan strongSwan 5.1.2
strongSwan strongSwan 5.0.0
strongSwan strongSwan 4.6.3
strongSwan strongSwan 4.6.2
strongSwan strongSwan 4.6.1
strongSwan strongSwan 4.6.0
strongSwan strongSwan 4.5.3
strongSwan strongSwan 4.5.2
strongSwan strongSwan 4.5.1
strongSwan strongSwan 4.5.0
strongSwan strongSwan 4.3.4
strongSwan strongSwan 4.2.9
strongSwan strongSwan 4.2.8
strongSwan strongSwan 4.2.5
strongSwan strongSwan 4.2.4
strongSwan strongSwan 4.2.3
strongSwan strongSwan 4.2.2
strongSwan strongSwan 4.2.10
strongSwan strongSwan 4.2.1
strongSwan strongSwan 4.2.0
strongSwan strongSwan 4.1.7
strongSwan strongSwan 4.1.6
strongSwan strongSwan 4.1.5
strongSwan strongSwan 4.1.4
strongSwan strongSwan 4.1.3
strongSwan strongSwan 4.1.2
strongSwan strongSwan 4.1.11
strongSwan strongSwan 4.1.1
strongSwan strongSwan 4.0.7
strongSwan strongSwan 4.0.6
strongSwan strongSwan 4.0.5
strongSwan strongSwan 4.0.4
strongSwan strongSwan 4.0.3
strongSwan strongSwan 4.0.2
strongSwan strongSwan 4.0.1
strongSwan strongSwan 4.0.0
strongSwan strongSwan 2.8.7
strongSwan strongSwan 2.8.6
strongSwan strongSwan 2.8.5
strongSwan strongSwan 2.8.4
strongSwan strongSwan 2.8.3
strongSwan strongSwan 2.8.2
strongSwan strongSwan 2.8.1
strongSwan strongSwan 2.8.0
strongSwan strongSwan 2.7.3
strongSwan strongSwan 2.7.2
strongSwan strongSwan 2.7.1
strongSwan strongSwan 2.7.0
strongSwan strongSwan 2.6.4
strongSwan strongSwan 2.6.3
strongSwan strongSwan 2.6.2
strongSwan strongSwan 2.6.1
strongSwan strongSwan 2.6.0
strongSwan strongSwan 2.5.7
strongSwan strongSwan 2.5.5
strongSwan strongSwan 2.5.4
strongSwan strongSwan 2.5.3
strongSwan strongSwan 2.5.2
strongSwan strongSwan 2.5.1
strongSwan strongSwan 2.5.0
strongSwan strongSwan 2.4.4
strongSwan strongSwan 2.4.3
strongSwan strongSwan 2.4.2
strongSwan strongSwan 2.4.1
strongSwan strongSwan 2.4.0
strongSwan strongSwan 2.3.2
strongSwan strongSwan 2.3.1
strongSwan strongSwan 2.3.0
strongSwan strongSwan 2.1.5
strongSwan strongSwan 2.1.4
strongSwan strongSwan 2.1.2
strongSwan strongSwan 2.1.1
strongSwan strongSwan 2.1.0
strongSwan strongSwan 2.0.2
strongSwan strongSwan 2.0.1
strongSwan strongSwan 2.0.0
strongSwan strongSwan 1.0
Exploit
An attacker can exploit this issue using readily available tools.
References:
- gitprojects / strongswan.git / commitdiff (strongSwan)
- strongSwan Homepage (strongSwan)
- Bug 1581867 CVE-2018-5388 strongswan: buffer underflow in stroke_socket.c (Red Hat)
- CVE-2018-5388 (Red Hat)