113 matches found
SuSE 11 Security Update : strongswan (SAT Patch Number 1283)
The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...
SuSE 11 Security Update : openswan (SAT Patch Number 1296)
The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...
SuSE9 Security Update : freeswan (YOU Patch Number 12445)
Two vulnerabilities in the freeswan ASN.1 parser when handling RDNs, UTCTIME and GENERALIZEDTIME strings could lead to remote crashes of the pluto daemon CVE-2009-2185. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
openSUSE Security Update : strongswan (strongswan-1281)
The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...
openSUSE Security Update : strongswan (strongswan-1281)
The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...
openSUSE Security Update : openswan (openswan-1285)
The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...
openSUSE Security Update : openswan (openswan-1285)
The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...
GLSA-200909-05 : Openswan: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200909-05 Openswan: Denial of Service Multiple vulnerabilities have been discovered in Openswan: Gerd v. Egidy reported a NULL pointer dereference in the Dead Peer Detection of the pluto IKE daemon as included in Openswan...
openSUSE Security Update : krb5 (krb5-740)
Clients sending negotiation requests with invalid flags could crash the kerberos server CVE-2009-0845. GSS-API clients could crash when reading from an invalid address space CVE-2009-0844. Invalid length checks could crash applications using the kerberos ASN.1 parser CVE-2009-0847. Under certain...
openSUSE Security Update : strongswan (strongswan-1050)
Two vulnerabilities in the strongswan ASN.1 parser when handling RDNs, UTCTIME and GENERALIZEDTIME strings could lead to remote crashes of the pluto daemon CVE-2009-2185. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fro...
openSUSE Security Update : krb5 (krb5-740)
Clients sending negotiation requests with invalid flags could crash the kerberos server CVE-2009-0845. GSS-API clients could crash when reading from an invalid address space CVE-2009-0844. Invalid length checks could crash applications using the kerberos ASN.1 parser CVE-2009-0847. Under certain...
openSUSE Security Update : openswan (openswan-1052)
Two vulnerabilities in the openswan ASN.1 parser when handling RDNs, UTCTIME and GENERALIZEDTIME strings could lead to remote crashes of the pluto daemon CVE-2009-2185. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Fedora 10 : openswan-2.6.21-2.fc10 (2009-7423)
Mon Jul 6 2009 Avesh Agarwal - 2.6.21-2 - Openswan ASN.1 parser vulnerability CVE-2009-2185 - Mon Mar 30 2009 Avesh Agarwal - 2.6.21-1 - new upstream release - Fix for CVE-2009-0790 DPD crasher - Fix remaining SADBEXTMAX - KSADBEXTMAX entries - Fix ipsec setup --status not showing amount of...
StrongSwan/Openswan Denial Of Service Vulnerability June-09
The host is installed with strongSwan/Openswan and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodstrongswannopenswandosvulnjun09.nasl 6515 2017-07-04 11:54:15Z cfischer $ StrongSwan/Openswan Denial Of Service Vulnerability June-09 Authors: Sharath S Copyright:...
CVE-2009-2185
The ASN.1 parser pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1parser.c in a strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and b openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service pluto IKE daemon crash...
Code injection
The ASN.1 parser pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1parser.c in a strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and b openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service pluto IKE daemon crash...
CVE-2009-2185
The ASN.1 parser pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1parser.c in a strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and b openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service pluto IKE daemon crash...
CVE-2009-2185
The ASN.1 parser pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1parser.c in a strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and b openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service pluto IKE daemon crash...
CVE-2009-2185
CVE-2009-2185 affects the OpenSwan/StrongSwan IPSec implementations via the pluto IKE daemon. The ASN.1 parser in pluto could crash when processing crafted X.509 certificates (specifically crafted RDNs, UTCTIME, or GENERALIZEDTIME strings), producing a denial of service. Affected products and ver...
CVE-2009-2185
The ASN.1 parser pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1parser.c in a strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and b openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service pluto IKE daemon crash...