CVE-2013-2053: Buffer Overflow

First published: Mon May 06 2013(Updated: )

Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Xelerance Openswan	<=2.6.38
Xelerance Openswan	=2.6.01
Xelerance Openswan	=2.6.02
Xelerance Openswan	=2.6.03
Xelerance Openswan	=2.6.04
Xelerance Openswan	=2.6.05
Xelerance Openswan	=2.6.06
Xelerance Openswan	=2.6.07
Xelerance Openswan	=2.6.08
Xelerance Openswan	=2.6.09
Xelerance Openswan	=2.6.10
Xelerance Openswan	=2.6.11
Xelerance Openswan	=2.6.12
Xelerance Openswan	=2.6.13
Xelerance Openswan	=2.6.14
Xelerance Openswan	=2.6.15
Xelerance Openswan	=2.6.16
Xelerance Openswan	=2.6.17
Xelerance Openswan	=2.6.18
Xelerance Openswan	=2.6.19
Xelerance Openswan	=2.6.20
Xelerance Openswan	=2.6.21
Xelerance Openswan	=2.6.22
Xelerance Openswan	=2.6.23
Xelerance Openswan	=2.6.24
Xelerance Openswan	=2.6.25
Xelerance Openswan	=2.6.26
Xelerance Openswan	=2.6.27
Xelerance Openswan	=2.6.28
Xelerance Openswan	=2.6.29
Xelerance Openswan	=2.6.30
Xelerance Openswan	=2.6.31
Xelerance Openswan	=2.6.32
Xelerance Openswan	=2.6.33
Xelerance Openswan	=2.6.34
Xelerance Openswan	=2.6.35
Xelerance Openswan	=2.6.36
Xelerance Openswan	=2.6.37

Never miss a vulnerability like this again

Reference Links

collector/nvd-index
agent/severity
agent/event
agent/references
agent/type
agent/description
agent/tags
agent/author
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/weakness
collector/mitre-cve
source/MITRE
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2013-2053
vendor/xelerance
canonical/xelerance openswan
version/xelerance openswan/2.6.38
version/xelerance openswan/2.6.01
version/xelerance openswan/2.6.02
version/xelerance openswan/2.6.03
version/xelerance openswan/2.6.04
version/xelerance openswan/2.6.05
version/xelerance openswan/2.6.06
version/xelerance openswan/2.6.07
version/xelerance openswan/2.6.08
version/xelerance openswan/2.6.09
version/xelerance openswan/2.6.10
version/xelerance openswan/2.6.11
version/xelerance openswan/2.6.12
version/xelerance openswan/2.6.13
version/xelerance openswan/2.6.14
version/xelerance openswan/2.6.15
version/xelerance openswan/2.6.16
version/xelerance openswan/2.6.17
version/xelerance openswan/2.6.18
version/xelerance openswan/2.6.19
version/xelerance openswan/2.6.20
version/xelerance openswan/2.6.21
version/xelerance openswan/2.6.22
version/xelerance openswan/2.6.23
version/xelerance openswan/2.6.24
version/xelerance openswan/2.6.25
version/xelerance openswan/2.6.26
version/xelerance openswan/2.6.27
version/xelerance openswan/2.6.28
version/xelerance openswan/2.6.29
version/xelerance openswan/2.6.30
version/xelerance openswan/2.6.31
version/xelerance openswan/2.6.32
version/xelerance openswan/2.6.33
version/xelerance openswan/2.6.34
version/xelerance openswan/2.6.35
version/xelerance openswan/2.6.36
version/xelerance openswan/2.6.37

CVE-2013-2053: Buffer Overflow

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact