CVE-2013-2053

Openswan < 2.6.39 - Buffer Overflow via DNS TXT Record Parsing

Title source: llm
STIX 2.1

Description

Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054.

References (7)

Core 7
Core References
Vendor Advisory x_refsource_confirm
https://www.openswan.org/news/13
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0827.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/59838
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=960229
Various Sources mailing-list x_refsource_mlist
https://lists.libreswan.org/pipermail/swan-announce/2013/000003.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2014/dsa-2893

Scores

EPSS 0.0243
EPSS Percentile 82.3%

Details

CWE
CWE-119
Status published
Products (38)
xelerance/openswan 2.6.01
xelerance/openswan 2.6.02
xelerance/openswan 2.6.03
xelerance/openswan 2.6.04
xelerance/openswan 2.6.05
xelerance/openswan 2.6.06
xelerance/openswan 2.6.07
xelerance/openswan 2.6.08
xelerance/openswan 2.6.09
xelerance/openswan 2.6.10
... and 28 more
Published Jul 09, 2013
Tracked Since Feb 18, 2026