CVE ID:	CVE-2013-2944
Description:	strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.
Test IDs:	1.3.6.1.4.1.25623.1.1.4.2013.1237.1   1.3.6.1.4.1.25623.1.1.4.2013.1237.3   1.3.6.1.4.1.25623.1.0.702665   1.3.6.1.4.1.25623.1.1.4.2013.1237.2
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2944 BugTraq ID: 59580 http://www.securityfocus.com/bid/59580 Debian Security Information: DSA-2665 (Google Search) http://www.debian.org/security/2013/dsa-2665 http://download.strongswan.org/patches/10_openssl_ecdsa_signature_patch/strongswan-4.3.5-5.0.3_openssl_ecdsa_signature.patch SuSE Security Announcement: openSUSE-SU-2013:0774 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-05/msg00014.html SuSE Security Announcement: openSUSE-SU-2013:0873 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-06/msg00010.html SuSE Security Announcement: openSUSE-SU-2013:0985 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-06/msg00121.html