Debian DSA-3866-1 : strongswan - security update

high Nessus Plugin ID 100520

Synopsis

The remote Debian host is missing a security-related update.

Description

Two denial of service vulnerabilities were identified in strongSwan, an IKE/IPsec suite, using Google's OSS-Fuzz fuzzing project.

- CVE-2017-9022: RSA public keys passed to the gmp plugin aren't validated sufficiently before attempting signature verification, so that invalid input might lead to a floating point exception and crash of the process. A certificate with an appropriately prepared public key sent by a peer could be used for a denial-of-service attack.

- CVE-2017-9023: ASN.1 CHOICE types are not correctly handled by the ASN.1 parser when parsing X.509 certificates with extensions that use such types. This could lead to infinite looping of the thread parsing a specifically crafted certificate.

A fix for a build failure was additionally included in the 5.2.1-6+deb8u4 revision of the strongSwan package.

Solution

Upgrade the strongswan packages.

For the stable distribution (jessie), these problems have been fixed in version 5.2.1-6+deb8u3.

For the upcoming stable distribution (stretch), these problems have been fixed in version 5.5.1-4.

See Also

https://security-tracker.debian.org/tracker/CVE-2017-9022

https://security-tracker.debian.org/tracker/CVE-2017-9023

https://packages.debian.org/source/jessie/strongswan

https://www.debian.org/security/2017/dsa-3866

Plugin Details

Severity: High

ID: 100520

File Name: debian_DSA-3866.nasl

Version: 3.6

Type: local

Agent: unix

Published: 5/31/2017

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:strongswan, cpe:/o:debian:debian_linux:8.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 5/30/2017

Reference Information

CVE: CVE-2017-9022, CVE-2017-9023

DSA: 3866