137 matches found
[SECURITY] [DSA 1899-1] New strongswan packages fix denial of service
Debian Security Advisory DSA-1899-1 [email protected] http://www.debian.org/security/ Florian Weimer October 02, 2009 http://www.debian.org/security/faq -...
DSA-1899-1 strongswan - denial of service
Bulletin has no description...
openSUSE Security Update : strongswan (strongswan-965)
This update fixes two denial of service bugs that can lead to a remote pre-auth crash while processing an IKE_SA_INIT or an IKE_AUTH request. CVE-2009-1957 and CVE-2009-1958 have been assigned to this issue. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks i...
strongSwan IKE_SA_INIT and IKE_AUTH DoS Vulnerabilities
This host has installed strongSwan and is prone to Denial of Service Vulnerabilities. OpenVAS Vulnerability Test $Id: gbstrongswanmultdosvuln.nasl 4869 2016-12-29 11:01:45Z teissa $ strongSwan IKE_SA_INIT and IKE_AUTH DoS Vulnerabilities Authors: Antu Sanadi Copyright: Copyright (c) 2009 Greenbone...
strongSwan IKE_SA_INIT and IKE_AUTH DoS Vulnerabilities
strongSwan is prone to multiple denial of service (DoS) vulnerabilities. Copyright (C) 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free...
CVE-2009-1957
charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid IKE_SA_INIT request that triggers "an incomplete state," followed by a CREATE_CHILD_SA request...
CVE-2009-1957
The CVE-2009-1957 issue affects the strongSwan project’s charon daemon. It arises from a flaw in the IKE_SA_INIT processing within charon/ike_sa.c that can trigger a NULL pointer dereference and crash, when a remote attacker sends a crafted IKE_SA_INIT request that leads to an incomplete state an...
CVE-2008-1957
CVE-2008-1957 describes an SQL injection vulnerability in Tr Script News 2.1, specifically in news.php where the nb parameter in voir mode can be manipulated to execute arbitrary SQL commands. The affected component is the news.php handler of Tr Script News 2.1. The current documents indicate rem...
CVE-2008-1957
creationtimestamp| type| source
---|---|---
2008-04-21 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/5483...
CVE-2007-1957
Guernion Sylvain Portail Web Php (PwP) is affected by CVE-2007-1957 with PHP remote file inclusion vulnerabilities in the index.php handling pageAll, affecting templates under template/Vert/ and template/Noir/. Successful exploits could allow an attacker to execute arbitrary PHP code on the serve...
CVE-2006-1957
The CVE-2006-1957 entry affects the com_rss option (rss.php) in Mambo and Joomla!. The vulnerability allows remote attackers to trigger a denial of service (disk consumption and potentially web-server outage) by issuing multiple requests with different values of the feed parameter. Public referen...
CVE-2002-1957
Buffer overflow in the netlog function in pen.c for Pen 0.9.1 and 0.9.2 allows remote attackers to execute arbitrary commands via malformed log messages...
CVE-2002-1957
CVE-2002-1957 describes a buffer overflow in the netlog function in pen.c affecting Pen 0.9.1 and 0.9.2. The overflow allows remote attackers to execute arbitrary commands via malformed log messages. The available documents specify the vulnerable component and affected versions, but do not provid...
CVE-2005-1957
The vulnerability concerns mtnpeak.net File Upload Manager, where an improper authentication check allows a remote attacker to modify a base64-encoded file parameter to perform privileged actions. Specifically, the affected component may be exploited to (1) read arbitrary files via the view actio...