CVE-2013-2054
Published: 9 July 2013
Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2053 and CVE-2013-2054.
Priority
Status
Package | Release | Status |
---|---|---|
strongswan Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Not vulnerable
(4.5.2-1.2)
|
|
quantal |
Not vulnerable
|
|
raring |
Not vulnerable
|
|
saucy |
Not vulnerable
|
|
upstream |
Released
(4.3.4-1)
|