{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2010-2628","title":"Title"},{"category":"description","text":"The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers buffer overflows.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2010-2628","url":"https://www.suse.com/security/cve/CVE-2010-2628"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 615915 for CVE-2010-2628","url":"https://bugzilla.suse.com/615915"},{"category":"external","summary":"Advisory link for SUSE-SR:2010:015","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KILI6WO4HD4UVXOVYK2U6VA77TI7DFZT/#KILI6WO4HD4UVXOVYK2U6VA77TI7DFZT"}],"title":"SUSE CVE CVE-2010-2628","tracking":{"current_release_date":"2025-03-16T14:35:50Z","generator":{"date":"2023-02-15T05:58:15Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2010-2628","initial_release_date":"2023-02-15T05:58:15Z","revision_history":[{"date":"2023-02-15T05:58:15Z","number":"2","summary":"Current version"},{"date":"2023-12-08T05:09:52Z","number":"3","summary":"Current version"},{"date":"2023-12-09T03:33:20Z","number":"4","summary":"Current version"},{"date":"2024-10-14T07:23:13Z","number":"5","summary":"Current version"},{"date":"2025-03-14T08:02:55Z","number":"6","summary":"Current version"},{"date":"2025-03-16T14:35:50Z","number":"7","summary":"Current version"}],"status":"interim","version":"7"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE CaaS Platform 4.0","product":{"name":"SUSE CaaS Platform 4.0","product_id":"SUSE CaaS Platform 4.0","product_identification_helper":{"cpe":"cpe:/o:suse:caasp:4.0"}}},{"category":"product_name","name":"SUSE Enterprise Storage 6","product":{"name":"SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6","product_identification_helper":{"cpe":"cpe:/o:suse:ses:6"}}},{"category":"product_name","name":"SUSE Linux Enterprise Desktop 11","product":{"name":"SUSE Linux Enterprise Desktop 11","product_id":"SUSE Linux Enterprise Desktop 11","product_identification_helper":{"cpe":"cpe:/o:suse:suse_sled:11"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-ltss:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-ltss:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 11","product":{"name":"SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11","product_identification_helper":{"cpe":"cpe:/o:suse:suse_sles:11"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 11 SP1-TERADATA","product":{"name":"SUSE Linux Enterprise Server 11 SP1-TERADATA","product_id":"SUSE Linux Enterprise Server 11 SP1-TERADATA","product_identification_helper":{"cpe":"cpe:/o:suse:sles:11:sp1:teradata"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP1-LTSS","product":{"name":"SUSE Linux Enterprise Server 15 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP1-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15-ESPOS","product":{"name":"SUSE Linux Enterprise Server 15-ESPOS","product_id":"SUSE Linux Enterprise Server 15-ESPOS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-espos:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15-LTSS","product":{"name":"SUSE Linux Enterprise Server 15-LTSS","product_id":"SUSE Linux Enterprise Server 15-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server Business Critical Linux 15 SP1","product":{"name":"SUSE Linux Enterprise Server Business Critical Linux 15 SP1","product_id":"SUSE Linux Enterprise Server Business Critical Linux 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sles_bcl:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP1","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp1"}}},{"category":"product_name","name":"SUSE Manager Proxy 4.0","product":{"name":"SUSE Manager Proxy 4.0","product_id":"SUSE Manager Proxy 4.0","product_identification_helper":{"cpe":"cpe:/o:suse:suse-manager-proxy:4.0"}}},{"category":"product_name","name":"SUSE Manager Retail Branch Server 4.0","product":{"name":"SUSE Manager Retail Branch Server 4.0","product_id":"SUSE Manager Retail Branch Server 4.0","product_identification_helper":{"cpe":"cpe:/o:suse:suse-manager-retail-branch-server:4.0"}}},{"category":"product_name","name":"SUSE Manager Server 4.0","product":{"name":"SUSE Manager Server 4.0","product_id":"SUSE Manager Server 4.0","product_identification_helper":{"cpe":"cpe:/o:suse:suse-manager-server:4.0"}}},{"category":"product_version","name":"strongswan","product":{"name":"strongswan","product_id":"strongswan","product_identification_helper":{"cpe":"cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/strongswan@?upstream=strongswan.src.rpm"}}},{"category":"product_version","name":"strongswan-4.3.4-3.4.1","product":{"name":"strongswan-4.3.4-3.4.1","product_id":"strongswan-4.3.4-3.4.1","product_identification_helper":{"cpe":"cpe:2.3:a:strongswan:strongswan:4.3.4:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/strongswan@4.3.4-3.4.1?upstream=strongswan-4.3.4-3.4.1.src.rpm"}}},{"category":"product_version","name":"strongswan-doc","product":{"name":"strongswan-doc","product_id":"strongswan-doc","product_identification_helper":{"cpe":"cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/strongswan-doc@?upstream=strongswan.src.rpm"}}},{"category":"product_version","name":"strongswan-doc-4.3.4-3.4.1","product":{"name":"strongswan-doc-4.3.4-3.4.1","product_id":"strongswan-doc-4.3.4-3.4.1","product_identification_helper":{"cpe":"cpe:2.3:a:strongswan:strongswan:4.3.4:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/strongswan-doc@4.3.4-3.4.1?upstream=strongswan-4.3.4-3.4.1.src.rpm"}}},{"category":"product_version","name":"strongswan-hmac","product":{"name":"strongswan-hmac","product_id":"strongswan-hmac","product_identification_helper":{"cpe":"cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/strongswan-hmac@?upstream=strongswan.src.rpm"}}},{"category":"product_version","name":"strongswan-ipsec","product":{"name":"strongswan-ipsec","product_id":"strongswan-ipsec","product_identification_helper":{"cpe":"cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/strongswan-ipsec@?upstream=strongswan.src.rpm"}}},{"category":"product_version","name":"strongswan-libs0","product":{"name":"strongswan-libs0","product_id":"strongswan-libs0","product_identification_helper":{"cpe":"cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/strongswan-libs0@?upstream=strongswan.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"strongswan-4.3.4-3.4.1 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA","product_id":"SUSE Linux Enterprise Server 11 SP1-TERADATA:strongswan-4.3.4-3.4.1"},"product_reference":"strongswan-4.3.4-3.4.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP1-TERADATA"},{"category":"default_component_of","full_product_name":{"name":"strongswan-doc-4.3.4-3.4.1 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA","product_id":"SUSE Linux Enterprise Server 11 SP1-TERADATA:strongswan-doc-4.3.4-3.4.1"},"product_reference":"strongswan-doc-4.3.4-3.4.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP1-TERADATA"},{"category":"default_component_of","full_product_name":{"name":"strongswan as component of SUSE CaaS Platform 4.0","product_id":"SUSE CaaS Platform 4.0:strongswan"},"product_reference":"strongswan","relates_to_product_reference":"SUSE CaaS Platform 4.0"},{"category":"default_component_of","full_product_name":{"name":"strongswan-doc as component of SUSE CaaS Platform 4.0","product_id":"SUSE CaaS Platform 4.0:strongswan-doc"},"product_reference":"strongswan-doc","relates_to_product_reference":"SUSE CaaS Platform 4.0"},{"category":"default_component_of","full_product_name":{"name":"strongswan-hmac as component of SUSE CaaS Platform 4.0","product_id":"SUSE CaaS Platform 4.0:strongswan-hmac"},"product_reference":"strongswan-hmac","relates_to_product_reference":"SUSE CaaS Platform 4.0"},{"category":"default_component_of","full_product_name":{"name":"strongswan-ipsec as component of SUSE CaaS Platform 4.0","product_id":"SUSE CaaS Platform 4.0:strongswan-ipsec"},"product_reference":"strongswan-ipsec","relates_to_product_reference":"SUSE CaaS Platform 4.0"},{"category":"default_component_of","full_product_name":{"name":"strongswan-libs0 as component of SUSE CaaS Platform 4.0","product_id":"SUSE CaaS Platform 4.0:strongswan-libs0"},"product_reference":"strongswan-libs0","relates_to_product_reference":"SUSE CaaS Platform 4.0"},{"category":"default_component_of","full_product_name":{"name":"strongswan as component of SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6:strongswan"},"product_reference":"strongswan","relates_to_product_reference":"SUSE Enterprise Storage 6"},{"category":"default_component_of","full_product_name":{"name":"strongswan as component of SUSE Linux Enterprise Desktop 11","product_id":"SUSE Linux Enterprise Desktop 11:strongswan"},"product_reference":"strongswan","relates_to_product_reference":"SUSE Linux Enterprise Desktop 11"},{"category":"default_component_of","full_product_name":{"name":"strongswan as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan"},"product_reference":"strongswan","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-doc as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-doc"},"product_reference":"strongswan-doc","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-hmac as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-hmac"},"product_reference":"strongswan-hmac","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-ipsec as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-ipsec"},"product_reference":"strongswan-ipsec","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-libs0 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-libs0"},"product_reference":"strongswan-libs0","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan as component of SUSE Linux Enterprise High Performance Computing 15-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15-LTSS:strongswan"},"product_reference":"strongswan","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-doc as component of SUSE Linux Enterprise High Performance Computing 15-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15-LTSS:strongswan-doc"},"product_reference":"strongswan-doc","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-hmac as component of SUSE Linux Enterprise High Performance Computing 15-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15-LTSS:strongswan-hmac"},"product_reference":"strongswan-hmac","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-ipsec as component of SUSE Linux Enterprise High Performance Computing 15-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15-LTSS:strongswan-ipsec"},"product_reference":"strongswan-ipsec","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-libs0 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15-LTSS:strongswan-libs0"},"product_reference":"strongswan-libs0","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:strongswan"},"product_reference":"strongswan","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"strongswan-doc as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:strongswan-doc"},"product_reference":"strongswan-doc","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"strongswan as component of SUSE Linux Enterprise Server 15 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP1-LTSS:strongswan"},"product_reference":"strongswan","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-doc as component of SUSE Linux Enterprise Server 15 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP1-LTSS:strongswan-doc"},"product_reference":"strongswan-doc","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-hmac as component of SUSE Linux Enterprise Server 15 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP1-LTSS:strongswan-hmac"},"product_reference":"strongswan-hmac","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-ipsec as component of SUSE Linux Enterprise Server 15 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP1-LTSS:strongswan-ipsec"},"product_reference":"strongswan-ipsec","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-libs0 as component of SUSE Linux Enterprise Server 15 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 15 SP1-LTSS:strongswan-libs0"},"product_reference":"strongswan-libs0","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan as component of SUSE Linux Enterprise Server 15-ESPOS","product_id":"SUSE Linux Enterprise Server 15-ESPOS:strongswan"},"product_reference":"strongswan","relates_to_product_reference":"SUSE Linux Enterprise Server 15-ESPOS"},{"category":"default_component_of","full_product_name":{"name":"strongswan as component of SUSE Linux Enterprise Server 15-LTSS","product_id":"SUSE Linux Enterprise Server 15-LTSS:strongswan"},"product_reference":"strongswan","relates_to_product_reference":"SUSE Linux Enterprise Server 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-doc as component of SUSE Linux Enterprise Server 15-LTSS","product_id":"SUSE Linux Enterprise Server 15-LTSS:strongswan-doc"},"product_reference":"strongswan-doc","relates_to_product_reference":"SUSE Linux Enterprise Server 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-hmac as component of SUSE Linux Enterprise Server 15-LTSS","product_id":"SUSE Linux Enterprise Server 15-LTSS:strongswan-hmac"},"product_reference":"strongswan-hmac","relates_to_product_reference":"SUSE Linux Enterprise Server 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-ipsec as component of SUSE Linux Enterprise Server 15-LTSS","product_id":"SUSE Linux Enterprise Server 15-LTSS:strongswan-ipsec"},"product_reference":"strongswan-ipsec","relates_to_product_reference":"SUSE Linux Enterprise Server 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan-libs0 as component of SUSE Linux Enterprise Server 15-LTSS","product_id":"SUSE Linux Enterprise Server 15-LTSS:strongswan-libs0"},"product_reference":"strongswan-libs0","relates_to_product_reference":"SUSE Linux Enterprise Server 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"strongswan as component of SUSE Linux Enterprise Server Business Critical Linux 15 SP1","product_id":"SUSE Linux Enterprise Server Business Critical Linux 15 SP1:strongswan"},"product_reference":"strongswan","relates_to_product_reference":"SUSE Linux Enterprise Server Business Critical Linux 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"strongswan as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:strongswan"},"product_reference":"strongswan","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"strongswan-doc as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:strongswan-doc"},"product_reference":"strongswan-doc","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"strongswan-hmac as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:strongswan-hmac"},"product_reference":"strongswan-hmac","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"strongswan-ipsec as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:strongswan-ipsec"},"product_reference":"strongswan-ipsec","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"strongswan-libs0 as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:strongswan-libs0"},"product_reference":"strongswan-libs0","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"strongswan as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1:strongswan"},"product_reference":"strongswan","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"strongswan-doc as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1:strongswan-doc"},"product_reference":"strongswan-doc","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"strongswan-hmac as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1:strongswan-hmac"},"product_reference":"strongswan-hmac","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"strongswan-ipsec as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1:strongswan-ipsec"},"product_reference":"strongswan-ipsec","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"strongswan-libs0 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1:strongswan-libs0"},"product_reference":"strongswan-libs0","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"strongswan as component of SUSE Manager Proxy 4.0","product_id":"SUSE Manager Proxy 4.0:strongswan"},"product_reference":"strongswan","relates_to_product_reference":"SUSE Manager Proxy 4.0"},{"category":"default_component_of","full_product_name":{"name":"strongswan as component of SUSE Manager Retail Branch Server 4.0","product_id":"SUSE Manager Retail Branch Server 4.0:strongswan"},"product_reference":"strongswan","relates_to_product_reference":"SUSE Manager Retail Branch Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"strongswan as component of SUSE Manager Server 4.0","product_id":"SUSE Manager Server 4.0:strongswan"},"product_reference":"strongswan","relates_to_product_reference":"SUSE Manager Server 4.0"}]},"vulnerabilities":[{"cve":"CVE-2010-2628","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2010-2628"}],"notes":[{"category":"general","text":"The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers buffer overflows.","title":"CVE description"}],"product_status":{"known_affected":["SUSE Linux Enterprise Desktop 11:strongswan","SUSE Linux Enterprise Server 11:strongswan","SUSE Linux Enterprise Server 11:strongswan-doc"],"known_not_affected":["SUSE CaaS Platform 4.0:strongswan","SUSE CaaS Platform 4.0:strongswan-doc","SUSE CaaS Platform 4.0:strongswan-hmac","SUSE CaaS Platform 4.0:strongswan-ipsec","SUSE CaaS Platform 4.0:strongswan-libs0","SUSE Enterprise Storage 6:strongswan","SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan","SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-doc","SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-hmac","SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-ipsec","SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-libs0","SUSE Linux Enterprise High Performance Computing 15-LTSS:strongswan","SUSE Linux Enterprise High Performance Computing 15-LTSS:strongswan-doc","SUSE Linux Enterprise High Performance Computing 15-LTSS:strongswan-hmac","SUSE Linux Enterprise High Performance Computing 15-LTSS:strongswan-ipsec","SUSE Linux Enterprise High Performance Computing 15-LTSS:strongswan-libs0","SUSE Linux Enterprise Server 15 SP1-LTSS:strongswan","SUSE Linux Enterprise Server 15 SP1-LTSS:strongswan-doc","SUSE Linux Enterprise Server 15 SP1-LTSS:strongswan-hmac","SUSE Linux Enterprise Server 15 SP1-LTSS:strongswan-ipsec","SUSE Linux Enterprise Server 15 SP1-LTSS:strongswan-libs0","SUSE Linux Enterprise Server 15-ESPOS:strongswan","SUSE Linux Enterprise Server 15-LTSS:strongswan","SUSE Linux Enterprise Server 15-LTSS:strongswan-doc","SUSE Linux Enterprise Server 15-LTSS:strongswan-hmac","SUSE Linux Enterprise Server 15-LTSS:strongswan-ipsec","SUSE Linux Enterprise Server 15-LTSS:strongswan-libs0","SUSE Linux Enterprise Server Business Critical Linux 15 SP1:strongswan","SUSE Linux Enterprise Server for SAP Applications 15 SP1:strongswan","SUSE Linux Enterprise Server for SAP Applications 15 SP1:strongswan-doc","SUSE Linux Enterprise Server for SAP Applications 15 SP1:strongswan-hmac","SUSE Linux Enterprise Server for SAP Applications 15 SP1:strongswan-ipsec","SUSE Linux Enterprise Server for SAP Applications 15 SP1:strongswan-libs0","SUSE Linux Enterprise Server for SAP Applications 15:strongswan","SUSE Linux Enterprise Server for SAP Applications 15:strongswan-doc","SUSE Linux Enterprise Server for SAP Applications 15:strongswan-hmac","SUSE Linux Enterprise Server for SAP Applications 15:strongswan-ipsec","SUSE Linux Enterprise Server for SAP Applications 15:strongswan-libs0","SUSE Manager Proxy 4.0:strongswan","SUSE Manager Retail Branch Server 4.0:strongswan","SUSE Manager Server 4.0:strongswan"],"recommended":["SUSE Linux Enterprise Server 11 SP1-TERADATA:strongswan-4.3.4-3.4.1","SUSE Linux Enterprise Server 11 SP1-TERADATA:strongswan-doc-4.3.4-3.4.1"]},"references":[{"category":"external","summary":"CVE-2010-2628","url":"https://www.suse.com/security/cve/CVE-2010-2628"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 615915 for CVE-2010-2628","url":"https://bugzilla.suse.com/615915"},{"category":"external","summary":"Advisory link for SUSE-SR:2010:015","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KILI6WO4HD4UVXOVYK2U6VA77TI7DFZT/#KILI6WO4HD4UVXOVYK2U6VA77TI7DFZT"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 11 SP1-TERADATA:strongswan-4.3.4-3.4.1","SUSE Linux Enterprise Server 11 SP1-TERADATA:strongswan-doc-4.3.4-3.4.1"]}],"threats":[{"category":"impact","date":"2013-06-28T05:25:27Z","details":"important"}],"title":"CVE-2010-2628"}]}