Computer Security
[EN] securityvulns.ru no-pyccku


strongSwan privilege escalation
Published:04.05.2013
Source:
SecurityVulns ID:13043
Type:remote
Threat Level:
5/10
Description:Under some condition it's possibloe to authenticate as a different user.
Affected:STRONGSWAN : strongSwan 5.0
CVE:CVE-2013-2944 (strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2665-1] strongswan security update (04.05.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod