460 matches found
SUSE CVE-2010-3752
programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in 1 ciscodnsinfo or 2 ciscodomaininfo data in a packet, a different vulnerability than CVE-2010-3302...
SUSE CVE-2010-3753
programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in the ciscobanner aka serverbanner field, a different vulnerability than CVE-2010-3308...
SUSE CVE-2011-2147
Openswan 2.2.x does not properly restrict permissions for 1 /var/run/starter.pid, related to starter.c in the IPsec starter, and 2 /var/lock/subsys/ipsec, which allows local users to kill arbitrary processes by writing a PID to a file, or possibly bypass disk quotas by writing arbitrary data to a...
SUSE CVE-2011-3380
Openswan 2.6.29 through 2.6.35 allows remote attackers to cause a denial of service NULL pointer dereference and pluto IKE daemon crash via an ISAKMP message with an invalid KEYLENGTH attribute, which is not properly handled by the error handling function...
SUSE CVE-2011-4073
Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 through 2.6.36 allows remote authenticated users to cause a denial of service pluto IKE daemon crash via vectors related to the 1 quickoutI1continue and 2 quickoutI1 functions...
SUSE CVE-2013-2053
Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service pluto IKE daemon crash and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be...
SUSE CVE-2013-6466
Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon restart via IKEv2 packets that lack expected payloads...
SUSE CVE-2014-2037
Openswan 2.6.40 allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon restart via IKEv2 packets that lack expected payloads. NOTE: this vulnerability exists because of an incomplete fix for CVE 2013-6466...
SUSE CVE-2015-3240
The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service assertion failure and daemon restart via a zero DH g^x value in a KE payload in a IKE packet...
SUSE CVE-2018-15836
In verifysignedhash in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA implementation does not verify the value of padding string during PKCS1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used. IKEv2...
Mageia: Security Advisory (MGASA-2014-0097)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1150-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0178-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial Of Service (DoS)
openswan is vulnerable to denial of service. A NULL pointer dereference flaw was found in the way Openswan's pluto IKE daemon handled certain error conditions. A remote, unauthenticated attacker could send a specially-crafted IKE packet that would crash the pluto daemon...
Denial Of Service (DoS)
openswan is vulnerable to denial of service DoS. The vulnerability exists as a use-after-free flaw was found in the way Openswan's pluto IKE daemon used cryptographic helpers. A remote, authenticated attacker could send a specially-crafted IKE packet that would crash the pluto daemon. This issue...
Denial Of Service (DoS)
openswan is vulnerable to denial of service DoS. The vulnerability exists through the way Openswan's pluto IKE daemon processed some fields of X.509 certificates. A remote attacker could provide a specially-crafted X.509 certificate that would crash the pluto daemon...
Arbitrary File Overwrite
openswan is vulnerable to arbitrary file overwrite. The vulnerability exists as Openswan's livetest script created temporary files in an insecure manner. A local attacker could use this flaw to overwrite arbitrary files owned by the user running the script...
Denial Of Service (DoS)
openswan is vulnerable to denial of service DoS. The vulnerability exists as a flaw in the Dead Peer Detection DPD in Openswan's pluto IKE daemon. A remote attacker could use a malicious DPD packet to crash the pluto daemon...
CVE-2019-10155
A vulnerability was found in the Libreswan Project. It was discovered that libreswan, strongswan, and openswan did not verify the integrity check value for received IKEv1 Informational Exchange packets. Mitigation If all IKE peers support IKEv2, it is possible to reconfigure IKEv1 connections to...
libreswan: vulnerability in the processing of IKEv1 informational packets due to missing integrity check
A vulnerability was found in the Libreswan Project. It was discovered that libreswan, strongswan, and openswan did not verify the integrity check value for received IKEv1 Informational Exchange packets...