Lucene search
K

15 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 1:31 a.m.25 views

Security Bulletin: Vulnerabilities in Strongswan affect Power Hardware Management Console (CVE-2014-9221,CVE-2014-2891,CVE-2014-2338,CVE-2013-5018)

Summary Strongswan is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2014-9221 DESCRIPTION: strongSwan is vulnerable to a denial of service, caused by a NULL pointer dereference when handling malicious payloads. A remote...

6.4CVSS9.2AI score0.03823EPSS
Exploits2Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2014:0529-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS6.7AI score0.02381EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.26 views

Gentoo Security Advisory GLSA 201412-26

Gentoo Linux Local Security Checks GLSA 201412-26 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

6.4CVSS8.4AI score0.02514EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.28 views

openSUSE Security Update : strongswan (openSUSE-SU-2014:0697-1)

strongswan was fixed to correct two issues : - Fix for DoS vulnerability by a NULL pointer dereference CVE-2014-2891. - Fix for a authentication bypass vulnerability in the IKEv2 code CVE-2014-2338. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in th...

6.4CVSS8.3AI score0.02514EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2014/05/05 12:0 a.m.34 views

FreeBSD : strongswan -- Remote Authentication Bypass (6fb521b0-d388-11e3-a790-000c2980a9f3)

strongSwan developers report : Remote attackers are able to bypass authentication by rekeying an IKESA during 1 initiation or 2 re-authentication, which triggers the IKESA state to be set to established. Only installations that actively initiate or re-authenticate IKEv2 IKESAs are affected...

6.4CVSS8.1AI score0.02381EPSS
Exploits1References3
securityvulns
securityvulns
added 2014/05/04 12:0 a.m.56 views

[SECURITY] [DSA 2903-1] strongswan security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2903-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez April 14, 2014 http://www.debian.org/security/faq -...

6.4CVSS2.3AI score0.02381EPSS
Exploits1
OpenVAS
OpenVAS
added 2014/05/02 12:0 a.m.30 views

Fedora Update for strongswan FEDORA-2014-5231

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS6.4AI score0.02448EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2014/05/02 12:0 a.m.36 views

Fedora Update for strongswan FEDORA-2014-5238

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS6.5AI score0.02985EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2014/04/25 12:0 a.m.32 views

Fedora 20 : strongswan-5.1.3-1.fc20 (2014-5231)

This update fixes : - Bug 1081760 - CVE-2014-2338 strongswan: authentication bypass flaw in IKEv2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

6.4CVSS8.2AI score0.02381EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/04/25 12:0 a.m.23 views

Fedora 19 : strongswan-5.1.3-1.fc19 (2014-5238)

CVE-2014-2338 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network...

6.4CVSS8.1AI score0.02381EPSS
Exploits1References1
seebug.org
seebug.org
added 2014/04/18 12:0 a.m.37 views

strongSwan IKEv2 SA验证绕过漏洞

CVE ID:CVE-2014-2338 strongSwan是一个完整的2.4和2.6的Linux内核下的IPsec和IKEv1的实现。它也完全支持新的IKEv2协议的Linux2.6内核。 strongSwan处理IKEv2 SA存在安全漏洞,允许远程攻击者利用漏洞绕过验证,进行授权访问。仅安装actively initiate或re-authenticate IKEv2 IKESAs的系统受此漏洞影响。 0 strongSwan 4.x strongSwan 5.x strongSwan 5.1.3版本已修复该漏洞,建议用户下载使用: http://strongswan.org...

6.4CVSS9.5AI score0.02381EPSS
Exploits1
NVD
NVD
added 2014/04/16 6:37 p.m.13 views

CVE-2014-2338

IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKESA during 1 initiation or 2 re-authentication, which triggers the IKESA state to be set to established...

6.4CVSS6.6AI score0.02381EPSS
Exploits1References7
OSV
OSV
added 2014/04/16 6:37 p.m.6 views

CVE-2014-2338

IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKESA during 1 initiation or 2 re-authentication, which triggers the IKESA state to be set to established...

6.6AI score
Exploits0References7
Debian CVE
Debian CVE
added 2014/04/16 6:0 p.m.22 views

CVE-2014-2338

IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKESA during 1 initiation or 2 re-authentication, which triggers the IKESA state to be set to established...

6.4CVSS6.6AI score0.02381EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/04/16 12:0 a.m.35 views

SuSE 11.3 Security Update : strongswan (SAT Patch Number 9089)

The following security issue is fixed by this update : - strongswan has been updated to fix an authentication problem where attackers could have bypassed the IKEv2 authentication. CVE-2014-2338. bnc870572 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks...

6.4CVSS8AI score0.02381EPSS
Exploits1References3
Rows per page
Query Builder