CVE-2018-15836 - OpenCVE

In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA implementation does not verify the value of padding string during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used. IKEv2 signature verification is affected when RAW RSA keys are used.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Xelerance	Openswan

Configuration 1 [-]

cpe:2.3:a:xelerance:openswan:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/xelerance/Openswan/commit/0b460be9e287fd335c8ce58129c67bf06065ef51	Patch Vendor Advisory
https://github.com/xelerance/Openswan/commit/9eaa6c2a823c1d2b58913506a15f9474bf857a3d	Patch Vendor Advisory
https://lists.openswan.org/pipermail/users/2018-August/023761.html	Release Notes Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2018-09-26T21:00:00

Updated: 2018-09-28T19:57:01

Reserved: 2018-08-23T00:00:00

Link: CVE-2018-15836

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-09-26T21:29:00.913

Modified: 2019-01-10T17:52:10.627

Link: CVE-2018-15836

JSON object: View

Redhat Information

No data.

CWE

CWE-347

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-08-24T00:00:00", "descriptions": [{"lang": "en", "value": "In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA implementation does not verify the value of padding string during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used. IKEv2 signature verification is affected when RAW RSA keys are used."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-09-28T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[openswan-users] 20180824 Xelerance has released Openswan 2.6.50.1", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.openswan.org/pipermail/users/2018-August/023761.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/xelerance/Openswan/commit/9eaa6c2a823c1d2b58913506a15f9474bf857a3d"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/xelerance/Openswan/commit/0b460be9e287fd335c8ce58129c67bf06065ef51"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-15836", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA implementation does not verify the value of padding string during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used. IKEv2 signature verification is affected when RAW RSA keys are used."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[openswan-users] 20180824 Xelerance has released Openswan 2.6.50.1", "refsource": "MLIST", "url": "https://lists.openswan.org/pipermail/users/2018-August/023761.html"}, {"name": "https://github.com/xelerance/Openswan/commit/9eaa6c2a823c1d2b58913506a15f9474bf857a3d", "refsource": "CONFIRM", "url": "https://github.com/xelerance/Openswan/commit/9eaa6c2a823c1d2b58913506a15f9474bf857a3d"}, {"name": "https://github.com/xelerance/Openswan/commit/0b460be9e287fd335c8ce58129c67bf06065ef51", "refsource": "CONFIRM", "url": "https://github.com/xelerance/Openswan/commit/0b460be9e287fd335c8ce58129c67bf06065ef51"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-15836", "datePublished": "2018-09-26T21:00:00", "dateReserved": "2018-08-23T00:00:00", "dateUpdated": "2018-09-28T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:xelerance:openswan:*:*:*:*:*:*:*:*", "matchCriteriaId": "32D061AF-9BDF-481D-859E-5700E186FA15", "versionEndExcluding": "2.6.50.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA implementation does not verify the value of padding string during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used. IKEv2 signature verification is affected when RAW RSA keys are used."}, {"lang": "es", "value": "En Openswan en versiones anteriores a la 2.6.50.1, la verificaci\u00f3n de firmas IKEv2 es vulnerable a \"variantes de ataques de bajo exponente de Bleichenbacher en firmas RSA PKCS#1\" cuando se emplean claves RSA RAW."}], "id": "CVE-2018-15836", "lastModified": "2019-01-10T17:52:10.627", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-09-26T21:29:00.913", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/xelerance/Openswan/commit/0b460be9e287fd335c8ce58129c67bf06065ef51"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/xelerance/Openswan/commit/9eaa6c2a823c1d2b58913506a15f9474bf857a3d"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://lists.openswan.org/pipermail/users/2018-August/023761.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-347"}], "source": "nvd@nist.gov", "type": "Primary"}]}