3 matches found
CVE-2026-25075
A flaw was found in strongSwan. An unauthenticated remote attacker can exploit an integer underflow vulnerability in the EAP-TTLS AVP Attribute-Value Pair parser. By sending specially crafted AVP data with invalid length fields during IKEv2 Internet Key Exchange version 2 authentication, the...
CVE-2013-6076
strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service NULL pointer dereference and charon daemon crash via a crafted IKEv1 fragmentation packet...
Null pointer dereference
strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service NULL pointer dereference and charon daemon crash via a crafted IKEv1 fragmentation packet...