Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
strongSwan 输入验证错误漏洞
Vulnerability Description
strongSwan是瑞士Andreas Steffen个人开发者的一套Linux平台使用的开源的基于IPsec的VPN解决方案。该方案包含X.509公开密钥证书、安全储存私钥、智能卡等认证机制。 StrongSwan 中存在输入验证错误漏洞,该漏洞源于产品未能正确处理RSASSA-PSS签名。攻击者可通过一个不相关的自签名证书导致远程代码执行。StrongSwan 5.9.4 之前版本。
CVSS Information
N/A
Vulnerability Type
N/A