Fedora 27 : strongswan (2018-bab8cabe2a)

Resolves rhbz1581868 CVE-2018-5388 strongswan: buffer underflow in strokesocket.c Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

ALPINE-CVE-2018-5388

In strokesocket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket...

Buffer overflow

In strokesocket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket...

CVE-2018-5388

In strokesocket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket...

DEBIAN-CVE-2018-5388

In strokesocket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket...

CVE-2018-5388

In strokesocket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket...

CVE-2018-5388

In strokesocket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket...

CVE-2018-5388

In strokesocket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket...

CVE-2018-5388

CVE-2018-5388 affects strongSwan up to version 5.6.2 (before 5.6.3). The stroke plugin did not verify the message length when reading from its control socket, allowing a buffer underflow that can cause resource exhaustion and denial of service. Impact is a DoS during socket reads; exploitation de...

CVE-2018-5388

In strokesocket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket...

UBUNTU-CVE-2018-5388

In strokesocket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket...

CVE-2018-5388

In strokesocket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket...

glibc 'realpath()' Privilege Escalation

This module attempts to gain root privileges on Linux systems by abusing a vulnerability in GNU C Library glibc version 2.26 and prior. This module uses halfdog's RationalLove exploit to exploit a buffer underflow in glibc realpath and create a SUID root shell. The exploit has offsets for glibc...

strongSwan VPN charon server vulnerable to buffer underflow

Overview strongSwan VPN's charon server prior to version 5.6.3 does not check packet length and may allow buffer underflow, resulting in denial of service. Description CWE-124: Buffer Underwrite 'Buffer Underflow' - CVE-2018-5388In strokesocket.c, a missing packet length check could allow a buffe...

Design/Logic Flaw

A vulnerability in the Transport Layer Security TLS library of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service DoS condition...

CVE-2018-0231

A vulnerability in the Transport Layer Security TLS library of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service DoS condition...

CVE-2018-0231

A vulnerability in the Transport Layer Security TLS library of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service DoS condition...

Cisco Adaptive Security Appliance TLS Denial of Service Vulnerability

A vulnerability in the Transport Layer Security TLS library of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service DoS condition...

glibc security, bug fix, and enhancement update

2.17-222 - Restore internal GLIBCPRIVATE symbols for use during upgrades 1523119 2.17-221 - CVE-2018-1000001: Fix realpath buffer underflow 1534635 - i386: Fix unwinding for 32-bit C++ application 1529982 - Reduce thread and dynamic loader stack usage 1527904 - x86-64: Use XSAVE/XSAVEC more often...

glibc: realpath() buffer underflow when getcwd() returns relative path allows privilege escalation

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...