CVE-2010-2628 Information

Description

The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers buffer overflows.

Reference

http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.3_snprintf.patch http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.4_snprintf.patch http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.5_snprintf.patch http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.3.6_snprintf.patch http://download.strongswan.org/patches/08_snprintf_patch/strongswan-4.4.0_snprintf.patch http://lists.opensuse.org/opensuse-updates/2010-08/msg00026.html http://secunia.com/advisories/40956 http://trac.strongswan.org/projects/strongswan/wiki/441 http://www.securityfocus.com/bid/42444 http://www.securitytracker.com/id?1024338 http://www.vupen.com/english/advisories/2010/2085 http://www.vupen.com/english/advisories/2010/2086 https://bugzilla.novell.com/615915 https://lists.strongswan.org/pipermail/users/2010-August/005167.html