Denial of Service Vulnerability in gmp Plugin of strongSwan

Denial of Service Vulnerability in gmp Plugin of strongSwan

CVE-2017-9022 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate.

Learn more about our Web Application Penetration Testing UK.