Lucene search
K

130 matches found

OSV
OSV
added 2023/05/29 12:15 a.m.5 views

AZL-34934 CVE-2023-30570 affecting package libreswan for versions less than 4.15-1

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS6.6AI score0.01175EPSS
Exploits0References1
OSV
OSV
added 2023/05/29 12:15 a.m.7 views

AZL-26873 CVE-2023-30570 affecting package libreswan for versions less than 4.14-1

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS6.6AI score0.01175EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/05/29 12:15 a.m.25 views

CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS6.9AI score0.01175EPSS
Exploits0References3
Prion
Prion
added 2023/05/29 12:15 a.m.20 views

Code injection

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

5CVSS7.3AI score0.01175EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/05/29 12:15 a.m.6 views

UBUNTU-CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS6.9AI score0.01175EPSS
Exploits0References4
CVE
CVE
added 2023/05/28 12:0 a.m.154 views

CVE-2023-30570

Libreswan (pluto) vulnerabilities exist in versions before 4.11, caused by an IKEv1 Aggressive Mode handling that can crash the pluto daemon and cause a denial of service. The earliest affected release is 3.28. Multiple advisories and CVE coverage confirm the issue, with fixes available in later ...

7.5CVSS7.2AI score0.01175EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/28 12:0 a.m.14 views

CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.6AI score0.01175EPSS
Exploits0References1
OSV
OSV
added 2023/05/28 12:0 a.m.25 views

CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS7.2AI score0.01175EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2023/05/28 12:0 a.m.26 views

CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS7.5AI score0.01175EPSS
Exploits0
Oracle linux
Oracle linux
added 2023/05/24 12:0 a.m.37 views

libreswan security update

4.9-3.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.9-3 - Fix CVE-2023-30570: Malicious IKEv1 Aggressive Mode packets can crash libreswan - Resolves: rhbz2187179...

7.5CVSS6.9AI score0.01581EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/24 12:0 a.m.27 views

Oracle Linux 8 : libreswan (ELSA-2023-3107)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-3107 advisory. - Fix CVE-2023-30570: Malicious IKEv1 Aggressive Mode packets can crash libreswan Tenable has extracted the preceding description block directly from the Oracle...

7.5CVSS6.8AI score0.01581EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/19 12:0 a.m.20 views

AlmaLinux 8 : libreswan (ALSA-2023:3107)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:3107 advisory. - A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto...

7.5CVSS7.5AI score0.01581EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/18 12:0 a.m.28 views

Rocky Linux 8 : libreswan (RLSA-2023:3107)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:3107 advisory. - A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto...

7.5CVSS7.5AI score0.01581EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/05/18 12:0 a.m.22 views

AlmaLinux 9 : libreswan (ALSA-2023:3148)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:3148 advisory. - A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto...

7.5CVSS7.5AI score0.01581EPSS
Exploits0References2
OSV
OSV
added 2023/05/17 11:15 p.m.2 views

CVE-2023-2295

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

7.5CVSS6.3AI score0.01581EPSS
Exploits0References4
Prion
Prion
added 2023/05/17 11:15 p.m.21 views

Remote code execution

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

5CVSS7.8AI score0.01581EPSS
Exploits0References4Affected Software5
OSV
OSV
added 2023/05/17 11:15 p.m.3 views

UBUNTU-CVE-2023-2295

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

7.5CVSS7.4AI score0.01581EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/05/17 12:0 a.m.6 views

CVE-2023-2295

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

8AI score0.01581EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/05/17 12:0 a.m.39 views

CVE-2023-2295

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

7.5CVSS7.3AI score0.01581EPSS
Exploits0References2
CVE
CVE
added 2023/05/17 12:0 a.m.136 views

CVE-2023-2295

Libreswan pluto vulnerability (CVE-2023-2295): via IKEv1 Aggressive Mode, a packet with unacceptable crypto algs and missing zero responder SPI can cause the pluto state machine to crash when a later packet reuses the responder SPI as the initiator SPI. No remote code execution is described. This...

7.5CVSS7.7AI score0.01581EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder