VU#338343: strongSwan VPN charon server vulnerable to buffer underflow

Vulnerability Note VU#338343 strongSwan VPN charon server vulnerable to buffer underflow Original Release date: 23 May 2018 | Last revised: 23 May 2018 Overview strongSwan VPN's charon server prior to version 5.6.3 does not check packet length and may allow buffer underflow, resulting in denial of service. Description CWE-124: Buffer Underwrite ('Buffer Underflow') - CVE-2018-5388 In stroke_socket.c, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from...