openSUSE-SU-2019:2594

openSUSE-SU-2019:2598

https://download.strongswan.org/security/CVE-2018-10811/

FEDORA-2018-0de3edbdea

GLSA-201811-16

USN-3771-1

DSA-4229

https://www.strongswan.org/blog/2018/05/28/strongswan-vulnerability-(cve-2018-10811).html

This update for strongswan provides the following fixes :

Security issues fixed :

CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker with local user credentials to resource exhaustion and denial of service while reading from the socket (bsc#1094462).

CVE-2018-10811: Fixed a denial of service during the IKEv2 key derivation if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF (bsc#1093536).

CVE-2018-16151,CVE-2018-16152: Fixed multiple flaws in the gmp plugin which might lead to authorization bypass (bsc#1107874).

CVE-2018-17540: Fixed an improper input validation in gmp plugin (bsc#1109845).

Other issues addressed: Fixed some client fails when the scep server URL is used with HTTPS protocol (bsc#1071853).

Reject Diffie-Hellman key exchanges using primes smaller than 1024 bit.

Handle unexpected informational message from SonicWall. (bsc#1009254)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for strongswan fixes the following issues :

Security issues fixed :

  - CVE-2018-5388: Fixed a buffer underflow which may allow     to a remote attacker with local user credentials to     resource exhaustion and denial of service while reading     from the socket (bsc#1094462).

  - CVE-2018-10811: Fixed a denial of service during the     IKEv2 key derivation if the openssl plugin is used in     FIPS mode and HMAC-MD5 is negotiated as PRF     (bsc#1093536).

  - CVE-2018-16151,CVE-2018-16152: Fixed multiple flaws in     the gmp plugin which might lead to authorization bypass     (bsc#1107874).

  - CVE-2018-17540: Fixed an improper input validation in     gmp plugin (bsc#1109845). 

This update was imported from the SUSE:SLE-15:Update update project.

This update for strongswan fixes the following issues :

Security issues fixed :

CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker with local user credentials to resource exhaustion and denial of service while reading from the socket (bsc#1094462).

CVE-2018-10811: Fixed a denial of service during the IKEv2 key derivation if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF (bsc#1093536).

CVE-2018-16151,CVE-2018-16152: Fixed multiple flaws in the gmp plugin which might lead to authorization bypass (bsc#1107874).

CVE-2018-17540: Fixed an improper input validation in gmp plugin (bsc#1109845).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

An update of the strongswan package has been released.

New version 5.6.3 Security fix for CVE-2018-10811

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote host is affected by the vulnerability described in GLSA-201811-16 (strongSwan: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in strongSwan. Please       review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could cause a Denial of Service condition or       impersonate a user.
  Workaround :

    There is no known workaround at this time.

It was discovered that strongSwan incorrectly handled IKEv2 key derivation. A remote attacker could possibly use this issue to cause strongSwan to crash, resulting in a denial of service.
(CVE-2018-10811)

Sze Yiu Chau discovered that strongSwan incorrectly handled parsing OIDs in the gmp plugin. A remote attacker could possibly use this issue to bypass authorization. (CVE-2018-16151)

Sze Yiu Chau discovered that strongSwan incorrectly handled certain parameters fields in the gmp plugin. A remote attacker could possibly use this issue to bypass authorization. (CVE-2018-16152)

It was discovered that strongSwan incorrectly handled the stroke plugin. A local administrator could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2018-5388).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

An update of 'docker', 'python2', 'strongswan' packages of Photon OS has been released.

An update of 'python2', 'strongswan', 'python3', 'postgresql' packages of Photon OS has been released.

Two vulnerabilities were discovered in strongSwan, an IKE/IPsec suite.

  - CVE-2018-5388     The stroke plugin did not verify the message length when     reading from its control socket. This vulnerability     could lead to denial of service. On Debian write access     to the socket requires root permission on default     configuration.

  - CVE-2018-10811     A missing variable initialization in IKEv2 key     derivation could lead to a denial of service (crash of     the charon IKE daemon) if the openssl plugin is used in     FIPS mode and the negotiated PRF is HMAC-MD5.

strongSwan security team reports :

- A denial-of-service vulnerability in the IKEv2 key derivation was fixed if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF (which is not FIPS-compliant). So this should only affect very specific setups, but in such configurations all strongSwan versions since 5.0.1 may be affected.

- A denial-of-service vulnerability in the stroke plugin was fixed.
When reading a message from the socket the plugin did not check the received length. Unless a group is configured, root privileges are required to access that socket, so in the default configuration this shouldn't be an issue, but all strongSwan versions may be affected.

ID	Name	Product	Family	Severity
135007	openSUSE Security Update : strongswan (openSUSE-2020-403)	Nessus	SuSE Local Security Checks	medium
134852	SUSE SLED15 / SLES15 Security Update : strongswan (SUSE-SU-2020:0743-1)	Nessus	SuSE Local Security Checks	medium
132009	SUSE SLED12 / SLES12 Security Update : strongswan (SUSE-SU-2019:3266-1)	Nessus	SuSE Local Security Checks	medium
131541	openSUSE Security Update : strongswan (openSUSE-2019-2598)	Nessus	SuSE Local Security Checks	medium
131537	openSUSE Security Update : strongswan (openSUSE-2019-2594)	Nessus	SuSE Local Security Checks	medium
131306	SUSE SLED15 / SLES15 Security Update : strongswan (SUSE-SU-2019:3056-1)	Nessus	SuSE Local Security Checks	medium
121986	Photon OS 2.0: Strongswan PHSA-2018-2.0-0086	Nessus	PhotonOS Local Security Checks	medium
121882	Photon OS 1.0: Strongswan PHSA-2018-1.0-0178	Nessus	PhotonOS Local Security Checks	medium
120233	Fedora 28 : strongswan (2018-0de3edbdea)	Nessus	Fedora Local Security Checks	medium
119161	GLSA-201811-16 : strongSwan: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	medium
117805	Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : strongswan vulnerabilities (USN-3771-1)	Nessus	Ubuntu Local Security Checks	medium
112224	Photon OS 2.0: Docker / Python2 / Strongswan PHSA-2018-2.0-0086 (deprecated)	Nessus	PhotonOS Local Security Checks	medium
112221	Photon OS 1.0: Postgresql / Python2 / Python3 / Strongswan PHSA-2018-1.0-0178 (deprecated)	Nessus	PhotonOS Local Security Checks	medium
110570	Debian DSA-4229-1 : strongswan - security update	Nessus	Debian Local Security Checks	medium
110274	FreeBSD : strongswan -- Fix Denial-of-Service Vulnerability strongSwan (CVE-2018-10811, CVE-2018-5388) (7fc3e827-64a5-11e8-aedb-00224d821998)	Nessus	FreeBSD Local Security Checks	medium

CVE-2018-10811

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Tenable Plugins