Lucene search
+L

298 matches found

nessus
nessus
added 2024/06/03 12:0 a.m.14 views

RHEL 4 : initscripts (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - initscripts: IPSec ifup script allows for aggressive IKE mode CVE-2008-1198 Note that Nessus has not tested for thi...

7.1CVSS6.9AI score0.02432EPSS
Exploits1References1
nessus
nessus
added 2024/05/11 12:0 a.m.20 views

RHEL 6 : libreswan (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libreswan: vulnerability in the processing of IKEv1 informational packets due to missing integrity check...

4.7AI score0.01175EPSS
Exploits0References4
nessus
nessus
added 2024/02/29 12:0 a.m.23 views

CentOS 9 : libreswan-4.9-4.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the libreswan-4.9-4.el9 build changelog. - remote DoS via crafted TS payload with an incorrect selector length rhbz2173674 CVE-2023-23009 - pluto in Libreswan before 4.11 allows a...

7.5CVSS6.8AI score0.01606EPSS
Exploits1References3
fedora
fedora
added 2024/01/24 1:30 a.m.31 views

[SECURITY] Fedora 39 Update: systemd-254.8-2.fc39

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses sock et and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...

5.9CVSS6.1AI score0.00849EPSS
Exploits0
openvas
openvas
added 2024/01/24 12:0 a.m.11 views

Fedora: Security Advisory (FEDORA-2024-b8312ca5b3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.4AI score0.00849EPSS
Exploits0References3
susecve
susecve
added 2023/10/31 2:20 a.m.3 views

SUSE CVE-2023-2295

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

7.5CVSS7.7AI score0.01581EPSS
Exploits0References2
susecve
susecve
added 2023/10/31 2:19 a.m.5 views

SUSE CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS6.9AI score0.01175EPSS
Exploits0References2
f5
f5
added 2023/06/27 4:43 p.m.36 views

K000135252: BIND vulnerability CVE-2023-2829

Security Advisory Description A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9...

7.5CVSS7.1AI score0.00868EPSS
Exploits0
prion
prion
added 2023/06/21 5:15 p.m.130 views

Design/Logic Flaw

A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...

5CVSS7.5AI score0.00868EPSS
Exploits0References2Affected Software1
ubuntucve
ubuntucve
added 2023/06/21 5:15 p.m.49 views

CVE-2023-2829

A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...

7.5CVSS7AI score0.00868EPSS
Exploits0References2
osv
osv
added 2023/06/03 11:5 a.m.4 views

OESA-2023-1318 libreswan security update

Libreswan is an implementation of IKEv1 and IKEv2 for IPsec. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...

7.5CVSS7AI score0.01175EPSS
Exploits0References2
mscve
mscve
added 2023/05/29 7:0 a.m.3 views

pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28.

...

7.5CVSS6.7AI score0.01175EPSS
Exploits0
attackerkb
attackerkb
added 2023/05/29 12:15 a.m.3 views

CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS5.9AI score0.01175EPSS
Exploits0References2
nvd
nvd
added 2023/05/29 12:15 a.m.14 views

CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS7.4AI score0.01175EPSS
Exploits0References1
osv
osv
added 2023/05/29 12:15 a.m.1 views

DEBIAN-CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS6.6AI score0.01175EPSS
Exploits0References1
osv
osv
added 2023/05/29 12:15 a.m.7 views

AZL-26873 CVE-2023-30570 affecting package libreswan for versions less than 4.14-1

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS6.6AI score0.01175EPSS
Exploits0References1
osv
osv
added 2023/05/29 12:15 a.m.5 views

AZL-34934 CVE-2023-30570 affecting package libreswan for versions less than 4.15-1

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS6.6AI score0.01175EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2023/05/29 12:15 a.m.25 views

CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS6.9AI score0.01175EPSS
Exploits0References3
osv
osv
added 2023/05/29 12:15 a.m.6 views

UBUNTU-CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS6.9AI score0.01175EPSS
Exploits0References4
prion
prion
added 2023/05/29 12:15 a.m.21 views

Code injection

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

5CVSS7.3AI score0.01175EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder