strongSwan denial-of-service vulnerability

strongSwan denial-of-service vulnerability

Advisory ID	CVE Number	Date discovered	Severity	Advisory revision
STORM-2017-001	CVE-2017-9023	05/30/2017	medium	v1

Vulnerability details

A specifically crafted certificate could cause a denial of service in strongSwan.

Impacted products

Products	Severity	Detail
Stormshield Network Security	medium	SNS uses a vulnerable version of strongSwan

Revisions

Version	Date	Description
v1	05/30/2017	Initial release

Stormshield Network Security

CVSS v2 Overall Score: 6.8

Analysis	Impacted version
A specifically crafted certificate could cause a denial of service in SNS VPN service. If sent multiple times the SNS will end up timing out on every incoming connexion. Already estiblished tunnels will continue to work normally but they won’t be renegociated.	SNS 3.0.0 to 3.2.0 SNS 2.0.0 to 2.7.1

Workaround solution

Solution

Use PSK instead of x509

or

Disable VPN service

The 3.2.1 and 2.7.2 updates fixes this vulnerability.

Access vector	Access complexity	Authentication	Confidentiality impact	Integrity impact	Availability impact
Network	Low	None	None	None	Complete

CVSS Base score: 7.8	CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C)

Exploitability	Remediation Level	Report Confidence
High	Official fix	Confirmed

CVSS Temporal score: 6.8	CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C/E:H/RL:OF/RC:C)

Collateral Damage Potential	Target Distribution
None	High [76-100%]

CVSS Environmental score: 6.8	CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C/E:H/RL:OF/RC:C/CDP:N/TD:H/CR:ND/IR:ND/AR:ND)

RSS Feed Contact Report a vulnerability Legal terms STORMSHIELD Corporate website Personal Data