13 matches found
SUSE: Security Advisory (SUSE-SU-2015:1791-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1227-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1196-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Flex System Manager is affected by a vulnerability from FSM’s use of strongswan: (CVE-2015-4171)
Summary There is a security vulnerability in strongswan that is used by IBM Flex System Manager FSM. Vulnerability Details CVEID: CVE-2015-4171 DESCRIPTION: strongSwan could allow a remote authenticated attacker to obtain sensitive information, caused by an error in IKEv2 connections related to...
SUSE SLES11 Security Update : strongswan (SUSE-SU-2015:1791-1)
strongswan was updated to fix one security issue. This security issue was fixed : - CVE-2015-4171: A problem that could enable rogue servers to gain user credentials from a client in certain IKEv2 setups. bsc933591 Note that Tenable Network Security has extracted the preceding description block...
SUSE-SU-2015:1791-1 Security update for strongswan
strongswan was updated to fix one security issue. This security issue was fixed: - CVE-2015-4171: A problem that could enable rogue servers to gain user credentials from a client in certain IKEv2 setups. bsc933591...
SUSE SLED11 / SLES11 Security Update : strongswan (SUSE-SU-2015:1227-1)
strongswan was updated to fix a problem that could enable rogue servers to gain user credentials from a client in certain IKEv2 setups. CVE-2015-4171 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...
SUSE SLED12 / SLES12 Security Update : strongswan (SUSE-SU-2015:1196-1)
Strongswan was updated to fix one security issue. The following vulnerability was fixed : - CVE-2015-4171: Rogue servers were able to authenticate themselves with certificate issued by any CA the client trusts, to gain user credentials from a client in certain IKEv2 setups bsc933591 Note that...
CVE-2015-4171
CVE-2015-4171 affects strongSwan 4.3.0–5.x prior to 5.3.2 and strongSwan VPN Client prior to 1.4.6. The issue lets remote servers obtain credentials during IKEv2 authentication by bypassing server-auth restrictions until full auth completes. Affected products/versions are confirmed in multiple do...
FreeBSD : strongswan -- Information Leak Vulnerability (10d14955-0e45-11e5-b6a8-002590263bf5)
strongSwan Project reports : An information leak vulnerability was fixed that, in certain IKEv2 setups, allowed rogue servers with a valid certificate accepted by the client to trick it into disclosing user credentials even plain passwords if the client accepts EAP-GTC. This was caused because...
[SECURITY] [DSA 3282-1] strongswan security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3282-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez June 08, 2015 http://www.debian.org/security/faq -...
SUSE-SU-2015:1196-1 Security update for strongswan
Strongswan was updated to fix one security issue. The following vulnerability was fixed: CVE-2015-4171: Rogue servers were able to authenticate themselves with certificate issued by any CA the client trusts, to gain user credentials from a client in certain IKEv2 setups bsc933591...
[SECURITY] [DSA 3282-1] strongswan security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3282-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez June 08, 2015 http://www.debian.org/security/faq -...