6 matches found
CVE-2024-25616
Aruba has identified certain configurations of ArubaOS that can lead to partial disclosure of sensitive information in the IKE_AUTH negotiation process. The scenarios in which disclosure of potentially sensitive information can occur are complex, and depend on factors beyond the control of attacke...
SUSE CVE-2009-1958
charon/sa/tasks/child_create.c in the charon daemon in strongSwan before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE_AUTH request without a (1) TSi or (2) TSr traffic selector...
SUSE CVE-2018-16151
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of strongSwa...
Debian DSA-4305-1 : strongswan - security update
Sze Yiu Chau and his team from Purdue University and The University of Iowa found several issues in the gmp plugin for strongSwan, an IKE/IPsec suite. Problems in the parsing and verification of RSA signatures could lead to a Bleichenbacher-style low-exponent signature forgery in certificates and...
[SECURITY] [DSA 4305-1] strongswan security update
Debian Security Advisory DSA-4305-1 https://www.debian.org/security/ Yves-Alexis Perez September 24, 2018 https://www.debian.org/security/faq -...
Debian DLA-1059-1 : strongswan security update
It was discovered that there was a denial of service vulnerability in the strongSwan Virtual Private Network (VPN) software. Specific RSA signatures passed to the gmp plugin for verification could cause a NULL pointer dereference. Potential triggers are signatures in certificates, but also signatur...