8 matches found
Security Bulletin: Vulnerabilities in Strongswan affect Power Hardware Management Console (CVE-2014-9221,CVE-2014-2891,CVE-2014-2338,CVE-2013-5018)
Summary Strongswan is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2014-9221 DESCRIPTION: strongSwan is vulnerable to a denial of service, caused by a NULL pointer dereference when handling malicious payloads. A remote...
SUSE: Security Advisory (SUSE-SU-2015:0281-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : strongswan-5.3.2-1.fc21 (2015-5247)
New upstream release 5.3.2. Fixes CVE-2014-9221 and CVE-2015-3991. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 22 : strongswan-5.3.2-1.fc22 (2015-5279)
New upstream release 5.3.2. Fixes CVE-2014-9221 and CVE-2015-3991. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora Update for strongswan FEDORA-2015-5279
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : strongswan (openSUSE-SU-2015:0114-1)
This update fixes the following security issues : - denial-of-service vulnerability, which can be triggered by an IKEv2 Key Exchange payload, that contains the Diffie-Hellman group 1025 bsc910491,CVE-2014-9221. - Applied an upstream patch reverting to store algorithms in the registration order...
CVE-2014-9221
CVE-2014-9221 affects strongSwan’s IKEv2 KE handling with DH group 1025, causing a NULL pointer dereference and potential denial of service. Public details in connected advisories confirm the flaw exists in strongSwan 4.5.x–5.2.x (before 5.2.1) and can crash the IKE daemon on receiving a crafted ...
UBUNTU-CVE-2014-9221
strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service invalid pointer dereference via a crafted IKEv2 Key Exchange KE message with Diffie-Hellman DH group 1025...