In the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow.

...

CVE-2025-62291

A flaw was found in the strongSwan eap-mschapv2 plugin client-side. A remote attacker, specifically a malicious Extensible Authentication Protocol - Microsoft Challenge-Handshake Authentication Protocol version 2 EAP-MSCHAPv2 server, could exploit this by sending a specially crafted message betwe...

AZL-74660 CVE-2025-62291 affecting package strongswan for versions less than 5.9.14-8

In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...

CVE-2025-62291

In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...

CVE-2025-62291

In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...

CVE-2025-62291

In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...

CVE-2025-63292

Freebox v5 HD firmware = 1.7.20, Freebox v5 Crystal firmware = 1.7.20, Freebox v6 Révolution r1–r3 firmware = 4.7.x, Freebox Mini 4K firmware = 4.7.x, and Freebox One firmware = 4.7.x were discovered to expose subscribers' IMSI identifiers in plaintext during the initial phase of EAP-SIM...

CVE-2025-63292

Freebox v5 HD firmware = 1.7.20, Freebox v5 Crystal firmware = 1.7.20, Freebox v6 Révolution r1–r3 firmware = 4.7.x, Freebox Mini 4K firmware = 4.7.x, and Freebox One firmware = 4.7.x were discovered to expose subscribers' IMSI identifiers in plaintext during the initial phase of EAP-SIM...

Updated strongswan packages fix security vulnerability

Buffer Overflow When Handling EAP-MSCHAPv2 Failure Requests. CVE-2025-62291...

SUSE SLES12 Security Update : strongswan (SUSE-SU-2025:3904-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:3904-1 advisory. - CVE-2025-62291: fixed buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941 Tenable has extracted the preceding description block...

Cisco Identity Services Engine 安全漏洞

Cisco Identity Services Engine Cisco ISE is an environment-aware platform ISE Identity Services Engine from Cisco USA. The platform collects real-time information from the network, users, and devices, and develops and enforces policies to regulate the network. A security vulnerability exists in t...

Security update for strongswan

This update for strongswan fixes the following issues: CVE-2025-62291: fixed buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

SUSE-SU-2025:3873-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2025-62291: fixed a buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941...

SUSE SLES15 Security Update : strongswan (SUSE-SU-2025:3857-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3857-1 advisory. - CVE-2025-62291: fixed buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941 Tenable has extracted the preceding descripti...

Security update for strongswan

This update for strongswan fixes the following issues: CVE-2025-62291: fixed buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

SUSE-SU-2025:3834-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2025-62291: fixed buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941...

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : strongSwan vulnerability (USN-7841-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7841-1 advisory. Xu Biang discovered that the strongSwan client incorrectly handled EAP-MSCHAPv2 failure requests. If a user or automated system were...

UBUNTU-CVE-2025-62291

In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...

EUVD-2025-34364

Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally...

Microsoft NTLM 安全漏洞

Microsoft NTLM is a Microsoft USA authentication protocol used on networks including systems running the Windows operating system as well as standalone systems. A security vulnerability exists in Microsoft NTLM that originates from an attacker exploiting the vulnerability to perform a spoofing...