CVE-2010-2628 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2010-2628 Interim 1 20 2024-10-15T02:40:38Z current 2021-05-30T12:52:36Z 2024-10-15T02:40:38Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2010-2628 The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers buffer overflows. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KILI6WO4HD4UVXOVYK2U6VA77TI7DFZT/#KILI6WO4HD4UVXOVYK2U6VA77TI7DFZT E-Mail link for SUSE-SR:2010:015 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Linux Enterprise Desktop 11 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Server 15-ESPOS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server Business Critical Linux 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Manager Proxy 4.0 SUSE Manager Retail Branch Server 4.0 SUSE Manager Server 4.0 strongswan strongswan-4.3.4-3.4.1 strongswan-doc strongswan-doc-4.3.4-3.4.1 strongswan-hmac strongswan-ipsec strongswan-libs0 strongswan-4.3.4-3.4.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA strongswan-doc-4.3.4-3.4.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA strongswan as a component of SUSE CaaS Platform 4.0 strongswan-doc as a component of SUSE CaaS Platform 4.0 strongswan-hmac as a component of SUSE CaaS Platform 4.0 strongswan-ipsec as a component of SUSE CaaS Platform 4.0 strongswan-libs0 as a component of SUSE CaaS Platform 4.0 strongswan as a component of SUSE Enterprise Storage 6 strongswan as a component of SUSE Linux Enterprise Desktop 11 strongswan as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS strongswan-doc as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS strongswan-hmac as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS strongswan-ipsec as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS strongswan-libs0 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS strongswan as a component of SUSE Linux Enterprise High Performance Computing 15-LTSS strongswan-doc as a component of SUSE Linux Enterprise High Performance Computing 15-LTSS strongswan-hmac as a component of SUSE Linux Enterprise High Performance Computing 15-LTSS strongswan-ipsec as a component of SUSE Linux Enterprise High Performance Computing 15-LTSS strongswan-libs0 as a component of SUSE Linux Enterprise High Performance Computing 15-LTSS strongswan as a component of SUSE Linux Enterprise Server 11 strongswan-doc as a component of SUSE Linux Enterprise Server 11 strongswan as a component of SUSE Linux Enterprise Server 15 SP1-LTSS strongswan-doc as a component of SUSE Linux Enterprise Server 15 SP1-LTSS strongswan-hmac as a component of SUSE Linux Enterprise Server 15 SP1-LTSS strongswan-ipsec as a component of SUSE Linux Enterprise Server 15 SP1-LTSS strongswan-libs0 as a component of SUSE Linux Enterprise Server 15 SP1-LTSS strongswan as a component of SUSE Linux Enterprise Server 15-ESPOS strongswan as a component of SUSE Linux Enterprise Server 15-LTSS strongswan-doc as a component of SUSE Linux Enterprise Server 15-LTSS strongswan-hmac as a component of SUSE Linux Enterprise Server 15-LTSS strongswan-ipsec as a component of SUSE Linux Enterprise Server 15-LTSS strongswan-libs0 as a component of SUSE Linux Enterprise Server 15-LTSS strongswan as a component of SUSE Linux Enterprise Server Business Critical Linux 15 SP1 strongswan as a component of SUSE Linux Enterprise Server for SAP Applications 15 strongswan-doc as a component of SUSE Linux Enterprise Server for SAP Applications 15 strongswan-hmac as a component of SUSE Linux Enterprise Server for SAP Applications 15 strongswan-ipsec as a component of SUSE Linux Enterprise Server for SAP Applications 15 strongswan-libs0 as a component of SUSE Linux Enterprise Server for SAP Applications 15 strongswan as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 strongswan-doc as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 strongswan-hmac as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 strongswan-ipsec as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 strongswan-libs0 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 strongswan as a component of SUSE Manager Proxy 4.0 strongswan as a component of SUSE Manager Retail Branch Server 4.0 strongswan as a component of SUSE Manager Server 4.0 The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers buffer overflows. CVE-2010-2628 SUSE Linux Enterprise Server 11 SP1-TERADATA:strongswan-4.3.4-3.4.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:strongswan-doc-4.3.4-3.4.1 SUSE CaaS Platform 4.0:strongswan SUSE CaaS Platform 4.0:strongswan-doc SUSE CaaS Platform 4.0:strongswan-hmac SUSE CaaS Platform 4.0:strongswan-ipsec SUSE CaaS Platform 4.0:strongswan-libs0 SUSE Enterprise Storage 6:strongswan SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-doc SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-hmac SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-ipsec SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-libs0 SUSE Linux Enterprise High Performance Computing 15-LTSS:strongswan SUSE Linux Enterprise High Performance Computing 15-LTSS:strongswan-doc SUSE Linux Enterprise High Performance Computing 15-LTSS:strongswan-hmac SUSE Linux Enterprise High Performance Computing 15-LTSS:strongswan-ipsec SUSE Linux Enterprise High Performance Computing 15-LTSS:strongswan-libs0 SUSE Linux Enterprise Server 15 SP1-LTSS:strongswan SUSE Linux Enterprise Server 15 SP1-LTSS:strongswan-doc SUSE Linux Enterprise Server 15 SP1-LTSS:strongswan-hmac SUSE Linux Enterprise Server 15 SP1-LTSS:strongswan-ipsec SUSE Linux Enterprise Server 15 SP1-LTSS:strongswan-libs0 SUSE Linux Enterprise Server 15-ESPOS:strongswan SUSE Linux Enterprise Server 15-LTSS:strongswan SUSE Linux Enterprise Server 15-LTSS:strongswan-doc SUSE Linux Enterprise Server 15-LTSS:strongswan-hmac SUSE Linux Enterprise Server 15-LTSS:strongswan-ipsec SUSE Linux Enterprise Server 15-LTSS:strongswan-libs0 SUSE Linux Enterprise Server Business Critical Linux 15 SP1:strongswan SUSE Linux Enterprise Server for SAP Applications 15 SP1:strongswan SUSE Linux Enterprise Server for SAP Applications 15 SP1:strongswan-doc SUSE Linux Enterprise Server for SAP Applications 15 SP1:strongswan-hmac SUSE Linux Enterprise Server for SAP Applications 15 SP1:strongswan-ipsec SUSE Linux Enterprise Server for SAP Applications 15 SP1:strongswan-libs0 SUSE Linux Enterprise Server for SAP Applications 15:strongswan SUSE Linux Enterprise Server for SAP Applications 15:strongswan-doc SUSE Linux Enterprise Server for SAP Applications 15:strongswan-hmac SUSE Linux Enterprise Server for SAP Applications 15:strongswan-ipsec SUSE Linux Enterprise Server for SAP Applications 15:strongswan-libs0 SUSE Manager Proxy 4.0:strongswan SUSE Manager Retail Branch Server 4.0:strongswan SUSE Manager Server 4.0:strongswan important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P