KB5032192: Windows 11 version 21H2 Security Update (November 2023)

The remote Windows host is missing security update 5032192. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-36402 - Windows Pragmatic General Multicast PGM Remote Code Execution Vulnerability...

eap-7: heap exhaustion via deserialization

A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result i...

freeradius: Information leakage in EAP-PWD

In freeradius, the EAP-PWD function computepasswordelement leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack...

CVE-2023-28182

The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A user in a privileged network position may be able to spoof a VPN server that is configured with...

strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control later followed by an expired pointer dereference. One attack vector is sending an untrusted client certificate during EAP-TLS. A server is affected only if it loads plugins that implement TLS-based EAP methods (EAP-TLS EAP-TTLS EAP-PEAP or EAP-TNC). This is fixed in 5.9.10.

...

The vulnerability of strongSwan demon, related to errors in certificate verification in EAP methods based on TLS, allows a perpetrator to perform a denial-of-service attack.

The vulnerability of strongSwan is related to errors in certificate verification during EAP methods based on TLS. Exploiting this vulnerability allows a remote attacker to perform a denial-of-service attack...

AZL-26300 CVE-2023-26463 affecting package strongswan for versions less than 5.9.10-1

strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...

ALPINE-CVE-2023-26463

strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...

DEBIAN-CVE-2023-26463

strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...

strongSwan 信任管理问题漏洞

strongSwan is a Swiss Andreas Steffen personal developer of a Linux platform to use the open source IPsec-based VPN solution. The solution includes authentication mechanisms such as X.509 public key certificates, securely stored private keys, and smart cards. A security vulnerability exists in...

PT-2023-21616 · Apple · Macos Monterey +4

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.3 macOS Monterey versions prior to 12.6.4 macOS Big Sur versions prior to 11.7.5 iOS versions prior to 16.4 iOS versions prior to 15.7.4 iPadOS versions prior to 16.4 iPadOS versions prior to 15.7.4 Description: The...

SUSE CVE-2023-26463

strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...

The vulnerability of the Protected Extensible Authentication Protocol (PEAP) implementation in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Protected Extensible Authentication Protocol PEAP implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted PEAP packets...

The vulnerability of the Protected Extensible Authentication Protocol (PEAP) implementation in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Protected Extensible Authentication Protocol PEAP implementation in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

The vulnerability of the Protected Extensible Authentication Protocol (PEAP) implementation in Windows operating systems allows a perpetrator to induce a service failure.

The vulnerability of the Protected Extensible Authentication Protocol PEAP implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the Protected Extensible Authentication Protocol (PEAP) implementation in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Protected Extensible Authentication Protocol PEAP implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

SUSE CVE-2006-1354

Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service server crash via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module...

SUSE CVE-2015-4146

The EAP-pwd peer implementation in hostapd and wpasupplicant 1.0 through 2.4 does not clear the L Length and M More flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service crash via a crafted message...

SUSE CVE-2015-4171

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtai...

SUSE CVE-2015-5314

The eappwdprocess function in eapserver/eapserverpwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with 1 an internal EAP server or 2 a RADIUS server and EAP-pwd is enabled in a runtime configuration, which allows remote...