298 matches found
RHEL 4 : initscripts (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - initscripts: IPSec ifup script allows for aggressive IKE mode CVE-2008-1198 Note that Nessus has not tested for thi...
RHEL 6 : libreswan (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libreswan: vulnerability in the processing of IKEv1 informational packets due to missing integrity check...
CentOS 9 : libreswan-4.9-4.el9
The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the libreswan-4.9-4.el9 build changelog. - remote DoS via crafted TS payload with an incorrect selector length rhbz2173674 CVE-2023-23009 - pluto in Libreswan before 4.11 allows a...
[SECURITY] Fedora 39 Update: systemd-254.8-2.fc39
systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses sock et and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...
Fedora: Security Advisory (FEDORA-2024-b8312ca5b3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2023-2295
A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...
SUSE CVE-2023-30570
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
K000135252: BIND vulnerability CVE-2023-2829
Security Advisory Description A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9...
Design/Logic Flaw
A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...
CVE-2023-2829
A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...
OESA-2023-1318 libreswan security update
Libreswan is an implementation of IKEv1 and IKEv2 for IPsec. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...
pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28.
...
CVE-2023-30570
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
CVE-2023-30570
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
DEBIAN-CVE-2023-30570
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
AZL-26873 CVE-2023-30570 affecting package libreswan for versions less than 4.14-1
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
AZL-34934 CVE-2023-30570 affecting package libreswan for versions less than 4.15-1
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
CVE-2023-30570
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
UBUNTU-CVE-2023-30570
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
Code injection
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...