CVE-2023-41913

Published: 07/12/2023 | Updated: 12/12/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

strongSwan prior to 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message.

Vulnerable Product

strongswan strongswan

Vendor Advisories

Florian Picca reported a bug in the charon-tkm daemon in strongSwan, an IKE/IPsec suite. The TKM-backed version of the charon IKE daemon (charon-tkm) doesn't check the length of received Diffie-Hellman public values before copying them to a fixed-size buffer on the stack, causing a buffer overflow that could potentially be exploited for remote code ...