Lucene search
K

460 matches found

Tenable Nessus
Tenable Nessus
added 2005/12/15 12:0 a.m.50 views

GLSA-200512-04 : Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation

The remote host is affected by the vulnerability described in GLSA-200512-04 Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation The Oulu University Secure Programming Group OUSPG discovered that various ISAKMP implementations, including Openswan and racoon included in the...

7.8CVSS5.4AI score0.07453EPSS
Exploits1References4
Gentoo Linux
Gentoo Linux
added 2005/12/12 12:0 a.m.52 views

Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation

Background Openswan is an implementation of IPsec for Linux. IPsec-Tools is a port of KAME's implementation of the IPsec utilities, including racoon, an Internet Key Exchange daemon. Internet Key Exchange version 1 IKEv1, a derivate of ISAKMP, is an important part of IPsec. IPsec is widely used t...

7.8CVSS6.3AI score0.07453EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2005/11/22 12:0 a.m.28 views

Fedora Core 4 : openswan-2.4.4-1.0.FC4.1 (2005-1093)

NISCC has reported two Denial of Service issues in Openswan. The first involves a specially crafted 3DES packet with an invalid key length. The Openswan project has released version 2.4.4 to fix both issues. See http://www.openswan.org/ for details. Note that Tenable Network Security has extracte...

7.8CVSS5.4AI score0.07453EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2005/11/22 12:0 a.m.29 views

Fedora Core 3 : openswan-2.4.4-0.FC3.1 (2005-1092)

NISCC has reported two Denial of Service issues in Openswan. The first involves a specially crafted 3DES packet with an invalid key length. The Openswan project has released version 2.4.4 to fix both issues. See http://www.openswan.org/ for details. Note that Tenable Network Security has extracte...

7.8CVSS5.4AI score0.07453EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2005/11/18 9:3 p.m.35 views

CVE-2005-3671

The Internet Key Exchange version 1 IKEv1 implementation in Openswan 2 openswan-2 before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.041.5.4-1.23, allow remote attackers to cause a denial of service via 1 a crafted packet using 3DES with an invalid key length, or 2 unspecified inputs when...

7.8CVSS6AI score0.07453EPSS
Exploits1References1
NVD
NVD
added 2005/11/18 9:3 p.m.19 views

CVE-2005-3671

The Internet Key Exchange version 1 IKEv1 implementation in Openswan 2 openswan-2 before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.041.5.4-1.23, allow remote attackers to cause a denial of service via 1 a crafted packet using 3DES with an invalid key length, or 2 unspecified inputs when...

7.8CVSS6.5AI score0.07453EPSS
Exploits1References17
Cvelist
Cvelist
added 2005/11/18 9:0 p.m.23 views

CVE-2005-3671

The Internet Key Exchange version 1 IKEv1 implementation in Openswan 2 openswan-2 before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.041.5.4-1.23, allow remote attackers to cause a denial of service via 1 a crafted packet using 3DES with an invalid key length, or 2 unspecified inputs when...

6.4AI score0.07453EPSS
Exploits1References17
CVE
CVE
added 2005/11/18 9:0 p.m.65 views

CVE-2005-3671

CVE-2005-3671 affects OpenSwan 2.x (pre-2.4.4) and Freeswan in SUSE Linux 9.1 (before 2.04_1.5.4-1.23). The vulnerability allows a remote attacker to cause a Denial of Service by processing specially crafted ISAKMP/IKEv1 data: (1) a crafted packet using 3DES with an invalid key length, or (2) uns...

7.8CVSS6.4AI score0.07453EPSS
Exploits1References17Affected Software3
securityvulns
securityvulns
added 2005/11/15 12:0 a.m.26 views

[SA17581] Openswan ISAKMP IKE Message Processing Denial of Service

TITLE: Openswan ISAKMP IKE Message Processing Denial of Service SECUNIA ADVISORY ID: SA17581 VERIFY ADVISORY: http://secunia.com/advisories/17581/ CRITICAL: Moderately critical IMPACT: DoS WHERE: From remote SOFTWARE: Openswan 2.x http://secunia.com/product/3624/ DESCRIPTION: Two vulnerabilities...

1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/02/02 12:0 a.m.19 views

Fedora Core 3 : openswan-2.1.5-2.FC3.1 (2005-082)

This erratum fixes the remote exploitation of a stack based buffer overflow vulnerability in Xelerance Corp.'s Openswan, which could allow attackers to execute arbitrary code. The vulnerability specifically exists due to a lack of bounds checking in the pluto application when Openswan is compiled...

7.2CVSS6AI score0.01691EPSS
Exploits0References2
CVE
CVE
added 2005/01/29 5:0 a.m.61 views

CVE-2005-0162

Openswan pluto vulnerability (CVE-2005-0162): stack-based buffer overflow in get_internal_addresses in Openswan 1.x prior to 1.0.9 and 2.x prior to 2.3.0 when built with XAUTH and PAM. Remote authenticated attackers could execute arbitrary code. Affects the pluto component; exploitation context m...

7.2CVSS7.6AI score0.01691EPSS
Exploits0References9Affected Software2
Cvelist
Cvelist
added 2005/01/29 5:0 a.m.23 views

CVE-2005-0162

Stack-based buffer overflow in the getinternaladdresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code...

7.6AI score0.01691EPSS
Exploits0References9
securityvulns
securityvulns
added 2005/01/27 12:0 a.m.21 views

iDEFENSE Security Advisory 01.26.05: Openswan XAUTH/PAM Buffer Overflow Vulnerability

Openswan XAUTH/PAM Buffer Overflow Vulnerability iDEFENSE Security Advisory 01.26.05 www.idefense.com/application/poi/display?id=190&type=vulnerabilities January 26, 2005 I. BACKGROUND Openswan is an open source implementation of IPSEC for the Linux Operating System. Openswan is based on the...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2005/01/27 12:0 a.m.33 views

OpenSWAN IPSec implementation XAUTH authentication buffer overflow

pluto process stack based buffer overflow...

3.8AI score
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2005/01/26 5:0 a.m.30 views

CVE-2005-0162

Stack-based buffer overflow in the getinternaladdresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code...

7.2CVSS6.4AI score0.01691EPSS
Exploits0References1
NVD
NVD
added 2005/01/26 5:0 a.m.19 views

CVE-2005-0162

Stack-based buffer overflow in the getinternaladdresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code...

7.2CVSS7.6AI score0.01691EPSS
Exploits0References9
CVE
CVE
added 2004/06/30 4:0 a.m.63 views

CVE-2004-0590

The CVE-2004-0590 entry affects FreeS/WAN and related IPsec implementations (OpenS/WAN, FreeS/WAN derivatives, Super-FreeS/WAN, and strongSwan). The root cause described across connected docs is bugs in the verify_x509cert() certificate validation, allowing remote attackers to authenticate using ...

10CVSS6.5AI score0.02832EPSS
Exploits0References4Affected Software4
securityvulns
securityvulns
added 2004/06/26 12:0 a.m.31 views

FreeS/WAN, Openswan, strongSwan, Super-FreeS/WAN multiple certificate problmes

DoS, unauthorized access...

3.7AI score
Exploits0References1Affected Software4
securityvulns
securityvulns
added 2004/06/26 12:0 a.m.31 views

[ GLSA 200406-20 ] FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200406-20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...

0.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 1970/01/01 12:0 a.m.2 views

PT-2013-6349 · Unknown +4 · Openswan-Doc +4

Name of the Vulnerable Software and Affected Versions: openswan versions prior to 2.6.39 openswan-doc affected versions not specified Description: The issue affects the confidentiality, integrity, and availability of protected information. It can be exploited remotely. Recommendations: For opensw...

6.8CVSS5.8AI score0.02427EPSS
Exploits0References27
Rows per page
Query Builder