Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Buffer overflow in the atodn function in libreswan 3.0 and 3.1, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2053 and CVE-2013-2054.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Libreswan DNS TXT Record 缓冲区溢出漏洞
Vulnerability Description
Libreswan是软件开发者Paul Wouters所研发的一个类似于Openswan的IPsec实现,它主要用于保证数据传输中的安全性、完整性问题。 Libreswan 3.0和3.1版本中存在缓冲区溢出漏洞,该漏洞源于程序没有对用户提交的数据进行充分的边界值检查。攻击者可利用该漏洞在受影响程序上下文中执行任意代码或造成程序崩溃,导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A