[prev in list] [next in list] [prev in thread] [next in thread] 

List:       strongswan-announce
Subject:    [Announce] strongSwan RSA signature vulnerability
From:       Martin Willi <martin () strongswan ! org>
Date:       2012-05-31 15:23:43
Message-ID: 1338477823.2205.54.camel () martin
[Download RAW message or body]

We have been informed about a security vulnerability in
strongSwan. If the strongSwan "gmp" plugin is used for RSA signature
verification, an empty or zeroed signature is handled as a legitimate
one. CVE-2012-2388 has been reserved for this vulnerability.

To exploit the vulnerability, a connection definition using RSA
authentication is required. An attacker presenting a forged signature
and/or certificate can authenticate as any legitimate user. strongSwan
version back to 4.2.0 and up to 4.6.3 are affected, using both IKEv1 and
IKEv2. Injecting code is not possible by such an attack.

The patch at [1] fixes the vulnerability and should apply to all
affected versions. Please update your installations as soon as possible.
strongSwan 4.6.4 including the fix is available at [2], the release
announcement will follow soon.

Our apologies for having such a serious vulnerability in the strongSwan
codebase.

Kind Regards
Martin

[1]http://download.strongswan.org/patches/09_gmp_rsa_signature_patch/strongswan-4.2.0-4.6.3_gmp_rsa_signature.patch
 [2]http://download.strongswan.org/strongswan-4.6.4.tar.bz2


_______________________________________________
Announce mailing list
Announce@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/announce


[prev in list] [next in list] [prev in thread] [next in thread]