Vulnerability CVE-2013-2944: Information

Description

strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.

Severity: MEDIUM (4.9)

Published: May 2, 2013
Modified: Nov. 7, 2023
Error type identifier: CWE-287

References to Advisories, Solutions, and Tools

    1. Configuration 1

      cpe:2.3:a:strongswan:strongswan:4.3.7:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:4.5.3:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:4.5.2:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:5.0.1:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:4.4.0:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:4.5.1:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:4.3.5:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:4.6.4:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:4.6.2:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:4.6.1:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:5.0.2:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:4.3.6:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:4.6.0:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:4.6.3:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:5.0.0:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:4.4.1:*:*:*:*:*:*:*

      cpe:2.3:a:strongswan:strongswan:4.5.0:*:*:*:*:*:*:*