16 matches found
MiracleLinux 8 : libreswan-4.9-3.el8 (AXSA:2023-6143:08)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6143:08 advisory. libreswan: Regression of CVE-2023-30570 fixes in the MIRACLE LINUX CVE-2023-2295 Tenable has extracted the preceding description block directly from the...
MiracleLinux 9 : libreswan-4.9-4.el9 (AXSA:2023-5959:05)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5959:05 advisory. libreswan: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux CVE-2023-2295 Tenable has extracted the preceding description block directly fr...
libreswan security and bug fix update
4.12-1.0.1.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-1.1 - Fix CVE-2024-2357 RHEL-29734 - x509: unpack IPv6 general names based on length RHEL-32719 4.12-1 - Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 - Resolves: rhbz2215956 4.9-5 - Just bumping u...
libreswan security update
4.12-1.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-1 - Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 - Resolves: rhbz2215956 4.9-5 - Just bumping up the version to include bugs for CVE-2023-2295. There is no code fix for it. Fix for it is including t...
Oracle Linux 8 : libreswan (ELSA-2023-3107)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-3107 advisory. - Fix CVE-2023-30570: Malicious IKEv1 Aggressive Mode packets can crash libreswan Tenable has extracted the preceding description block directly from the Oracle...
AlmaLinux 8 : libreswan (ALSA-2023:3107)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:3107 advisory. - A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto...
Rocky Linux 8 : libreswan (RLSA-2023:3107)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:3107 advisory. - A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto...
AlmaLinux 9 : libreswan (ALSA-2023:3148)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:3148 advisory. - A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto...
CVE-2023-2295
A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...
CVE-2023-2295
Libreswan pluto vulnerability (CVE-2023-2295): via IKEv1 Aggressive Mode, a packet with unacceptable crypto algs and missing zero responder SPI can cause the pluto state machine to crash when a later packet reuses the responder SPI as the initiator SPI. No remote code execution is described. This...
RHEL 9 : libreswan (RHSA-2023:3148)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3148 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...
Important: Red Hat Security Advisory: libreswan security update
An update for libreswan is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Important: Red Hat Security Advisory: libreswan security update
An update for libreswan is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
ALSA-2023:3107 Important: libreswan security update
Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...
ALSA-2023:3148 Important: libreswan security update
Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...
RHEL 8 : libreswan (RHSA-2023:3107)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3107 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...