Published: 19/06/2018 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.

Vulnerable Product	Search on Vulmon	Subscribe to Product
strongswan strongswan
debian debian linux 8.0
debian debian linux 9.0
canonical ubuntu linux 18.04
canonical ubuntu linux 14.04
canonical ubuntu linux 16.04
fedoraproject fedora 28

Several security issues were fixed in strongSwan ...

Two vulnerabilities were discovered in strongSwan, an IKE/IPsec suite CVE-2018-5388 The stroke plugin did not verify the message length when reading from its control socket This vulnerability could lead to denial of service On Debian write access to the socket requires root permission on default configuration CVE-2018-10811 ...

strongSwan 560 and older allows Remote Denial of Service because of Missing Initialization of a Variable ...

CWE-909 https://www.debian.org/security/2018/dsa-4229 https://download.strongswan.org/security/CVE-2018-10811/https://usn.ubuntu.com/3771-1/https://security.gentoo.org/glsa/201811-16 http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00077.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00047.html https://www.strongswan.org/blog/2018/05/28/strongswan-vulnerability-%28cve-2018-10811%29.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBO6ZQKLB5RY3TV7MXADFTQKXA2LUEIL/https://usn.ubuntu.com/3771-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-10811

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect