
13 matches found

Tenable Nessus
added 2023/12/10 12:0 a.m. · 15 views

FreeBSD : strongswan -- buffer overflow (bbda3d16-968e-11ee-b780-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the bbda3d16-968e-11ee-b780-b42e991fc52e advisory. - strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via...

CVSS 9.8 · AI score 9.3 · EPSS 0.05318
Exploits 0 · References 3
OSV
added 2023/12/07 5:15 a.m. · 1 views

DEBIAN-CVE-2023-41913

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message...

CVSS 9.8 · AI score 9.6 · EPSS 0.05318
Exploits 0 · References 1
Veracode
added 2023/11/28 6:31 a.m. · 22 views

Buffer Overflow

strongswan is vulnerable to Buffer Overflow. The vulnerability exists because the charon-tkm version of the charon IKE daemon doesn't properly check the length of received Diffie-Hellman public values before copying them to a fixed-size buffer on the stack. This potentially leads to a buffer overflow and...

CVSS 9.8 · AI score 7.1 · EPSS 0.05318
Exploits 0 · References 5 · Affected Software 1
BDU FSTEC
added 2023/11/24 12:0 a.m. · 2 views

The vulnerability of the VPN package based on the IPSec protocol strongSwan is caused by a mistake in the charon-tkm process, allowing a hacker to execute arbitrary code.

The vulnerability of the VPN package based on the IPSec protocol and strongSwan is caused by a mistake in the charon-tkm process, where the Key Exchange Protocol IKE is implemented using the TKMv2 Trusted Key Manager. Exploiting this vulnerability allows an attacker operating remotely to execute...

CVSS 7 · AI score 8.1 · EPSS 0.05318
Exploits 0 · References 11 · Affected Software 11
Tenable Nessus
added 2023/11/24 12:0 a.m. · 39 views

FreeBSD : strongSwan -- vulnerability in charon-tkm (a62c0c50-8aa0-11ee-ac0d-00e0670f2660)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a62c0c50-8aa0-11ee-ac0d-00e0670f2660 advisory. - strongSwan reports: A vulnerability in charon-tkm related to processing DH public values was discover...

CVSS 9.8 · AI score 9 · EPSS 0.05318
Exploits 0 · References 3
OSV
added 2023/11/22 1:40 p.m. · 3 views

SUSE-SU-2023:4529-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2023-41913: Fixed a bug in charon-tkm related to handling DH public values that can lead to remote code execution (bsc#1216901)...

CVSS 9.8 · AI score 9.7 · EPSS 0.05318
Exploits 0 · References 3
SUSE CVE
added 2023/11/22 12:12 a.m. · 1 views

SUSE CVE-2023-41913

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message...

CVSS 7 · AI score 8.6 · EPSS 0.05318
Exploits 0 · References 7
OSV
added 2023/11/21 4:29 p.m. · 3 views

SUSE-SU-2023:4516-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2023-41913: Fixed a bug in charon-tkm related to handling DH public values that can lead to remote code execution (bsc#1216901)...

CVSS 9.8 · AI score 9.7 · EPSS 0.05318
Exploits 0 · References 3
OSV
added 2023/11/21 4:29 p.m. · 7 views

SUSE-SU-2023:4515-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2023-41913: Fixed a bug in charon-tkm related to handling DH public values that can lead to remote code execution (bsc#1216901)...

CVSS 9.8 · AI score 9.7 · EPSS 0.05318
Exploits 0 · References 3
OSV
added 2023/11/21 4:27 p.m. · 5 views

SUSE-SU-2023:4514-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2023-41913: Fixed a bug in charon-tkm related to handling DH public values that can lead to remote code execution (bsc#1216901)...

CVSS 9.8 · AI score 9.7 · EPSS 0.05318
Exploits 0 · References 3
UbuntuCve
added 2023/11/20 2:0 p.m. · 39 views

CVE-2023-41913

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message...

CVSS 9.8 · AI score 7.8 · EPSS 0.05318
Exploits 0 · References 4
Positive Technologies
added 2023/11/20 12:0 a.m. · 2 views

PT-2023-7101 · Unknown +6 · Strongswan +6

Name of the Vulnerable Software and Affected Versions: strongSwan versions 5.3.0 through 5.9.11
Description: The issue is caused by a buffer overflow in the charon-tkm process with IKE protocol implementation based on TKMv2, leading to possible unauthenticated remote code execution via a DH publi...

CVSS 9.8 · AI score 8.5 · EPSS 0.05318
Exploits 0 · References 79
FreeBSD
added 2023/11/20 12:0 a.m. · 31 views

strongSwan -- vulnerability in charon-tkm

strongSwan reports: A vulnerability in charon-tkm related to processing DH public values was discovered in strongSwan that can result in a buffer overflow and potentially remote code execution. All versions since 5.3.0 are affected...

CVSS 9.8 · AI score 8.3 · EPSS 0.05318
Exploits 0 · References 1