16 matches found
MiracleLinux 4 : openswan-2.6.32-27.2.0.1.AXS4 (AXSA:2014-035:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-035:01 advisory. Openswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authenticatio...
Mageia: Security Advisory (MGASA-2014-0097)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201411-07
Gentoo Linux Local Security Checks GLSA 201411-07 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
CVE-2014-2037
Openswan 2.6.40 allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon restart via IKEv2 packets that lack expected payloads. NOTE: this vulnerability exists because of an incomplete fix for CVE 2013-6466...
CVE-2014-2037
OpenSwan 2.6.40 is affected by CVE-2014-2037. The vulnerability allows remote attackers to cause a denial of service via IKEv2 packets that lack expected payloads, leading to a NULL pointer dereference and a restart of the IKE daemon. The issue is noted as stemming from an incomplete fix for CVE-...
[SECURITY] [DSA 2893-1] openswan security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2893-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez March 31, 2014 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2893-1 (openswan - security update)
Two vulnerabilities were fixed in Openswan, an IKE/IPsec implementation for Linux. CVE-2013-2053 During an audit of Libreswan with which Openswan shares some code, Florian Weimer found a remote buffer overflow in the atodn function. This vulnerability can be triggered when Opportunistic Encryptio...
Medium: openswan
Issue Overview: A NULL pointer dereference flaw was discovered in the way Openswan's IKE daemon processed IKEv2 payloads. A remote attacker could send specially crafted IKEv2 payloads that, when processed, would lead to a denial of service daemon crash, possibly causing existing VPN connections t...
RedHat Update for openswan RHSA-2014:0185-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for openswan CESA-2014:0185 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Openswan IKEv2负载远程拒绝服务漏洞
BUGTRAQ ID: 65155 CVECAN ID: CVE-2013-6466 Openswan是一款Linux系统下的IPSEC实现,基于FreeS/WAN项目。 Openswan 2.6.39及之前版本在实现上存在远程拒绝服务漏洞,攻击者通过畸形的IKEv2数据包,利用此漏洞可造成应用重启,导致拒绝服务。 0 Openswan Openswan = 2.6.39 厂商补丁: Openswan -------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.openswan.org/...
RHEL 5 / 6 : openswan (RHSA-2014:0185)
Updated openswan packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
openswan security update
2.6.32-27.2 - Resolves: rhbz1050337 CVE-2013-6466 refix for delete/notify code 2.6.32-27.1 - Resolves: rhbz1050337 CVE-2013-6466...
CVE-2013-6466
Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon restart via IKEv2 packets that lack expected payloads...
CVE-2013-6466
Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon restart via IKEv2 packets that lack expected payloads...
CVE-2013-6466
Summary (CVE-2013-6466) Openswan 2.6.39 and earlier, when used in some devices (e.g., mGuard firmware 8.0.0–8.5.1), is vulnerable to a remote denial of service via crafted IKEv2 payloads that trigger a NULL pointer dereference in the IKE daemon. The issue allows an attacker to cause the Pluto/IKE...