Denial of Service Vulnerability in strongSwan 5.6.1

Denial of Service Vulnerability in strongSwan 5.6.1

CVE-2018-6459 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter.

Learn more about our Web Application Penetration Testing UK.