7 matches found
CVE-2023-26463 affecting package strongswan for versions less than 5.9.10-1
CVE-2023-26463 affecting package strongswan for versions less than 5.9.10-1. An upgraded version of the package is available that resolves this issue...
strongSwan 5.9.8 < 5.9.10 DoS Vulnerability
strongSwan is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2023-26463
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...
CVE-2023-26463
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...
Fedora 37 : strongswan (2023-25800591ef)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-25800591ef advisory. Update to 5.9.10 for CVE-2023-26463 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...
Fedora 38 : strongswan (2023-9fb10d880d)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-9fb10d880d advisory. Update to 5.9.10 for CVE-2023-26463 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...
SUSE CVE-2023-26463
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...