strongSwan GMP Plugin Authentication Bypass Vulnerability
BID:53752
Info
strongSwan GMP Plugin Authentication Bypass Vulnerability
| Bugtraq ID: | 53752 |
| Class: | Access Validation Error |
| CVE: |
CVE-2012-2388 |
| Remote: | Yes |
| Local: | No |
| Published: | May 31 2012 12:00AM |
| Updated: | Jun 04 2012 04:40PM |
| Credit: | This issue is disclosed in the Debian advisory. |
| Vulnerable: |
SuSE openSUSE 12.1 SuSE openSUSE 11.4 strongSwan strongSwan 4.4.1 strongSwan strongSwan 4.4 strongSwan strongSwan 4.3.7 strongSwan strongSwan 4.3.6 strongSwan strongSwan 4.3.5 strongSwan strongSwan 4.3.3 strongSwan strongSwan 4.3.2 strongSwan strongSwan 4.3.1 strongSwan strongSwan 4.3 strongSwan strongSwan 4.2.17 strongSwan strongSwan 4.2.16 strongSwan strongSwan 4.2.15 strongSwan strongSwan 4.2.14 strongSwan strongSwan 4.2.13 strongSwan strongSwan 4.2.7 strongSwan strongSwan 4.2.6 strongSwan strongSwan 4.1 strongSwan strongSwan 2.8.11 strongSwan strongSwan 2.8.10 strongSwan strongSwan 2.8.9 strongSwan strongSwan 2.8.8 strongSwan strongSwan 2.1.3 strongSwan strongSwan 4.3.4 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 |
| Not Vulnerable: | |
Discussion
strongSwan GMP Plugin Authentication Bypass Vulnerability
strongSwan is prone to a remote authentication-bypass vulnerability.
An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions on the affected computer. This may aid in further attacks.
strongSwan is prone to a remote authentication-bypass vulnerability.
An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions on the affected computer. This may aid in further attacks.
Exploit / POC
strongSwan GMP Plugin Authentication Bypass Vulnerability
An attacker can use readily available network utilities to exploit this issue.
An attacker can use readily available network utilities to exploit this issue.
Solution / Fix
strongSwan GMP Plugin Authentication Bypass Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
strongSwan GMP Plugin Authentication Bypass Vulnerability
References:
References:
- strongSwan Homepage (strongSwan)