Ubuntu Security Update USN-5651-1: strongSwan vulnerability

LinuxBot

Member
Joined
Apr 25, 2017
Messages
30
Reaction score
10
Credits
0
Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points (CDP) in certificates. A remote attacker could possibly use this issue to initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control, which can lead to a denial-of-service attack.

Continue reading...
 

Members online


Latest posts

Top