10 matches found
SUSE CVE-2017-9022
The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpzpowmsec, which allows remote peers to cause a denial of service floating point exception and process crash via a crafted certificate...
SUSE: Security Advisory (SUSE-SU-2017:1473-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in strongSwan affect IBM Chassis Management Module (CVE-2017-9022, CVE-2017-9023)
Summary IBM Chassis Management Module has addressed the following vulnerabilities in strongSwan. Vulnerability Details Summary IBM Chassis Management Module has addressed the following vulnerabilities in strongSwan. Vulnerability Details: CVEID: CVE-2017-9022 Description: strongSwan is vulnerable...
Security Bulletin: Multiple vulnerabilities in strongswan affect IBM Flex System Manager (FSM) (CVE-2017-9023, CVE-2017-9022)
Summary Multiple vulnerabilities have been identified in strongswan that is embedded in the FSM. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2017-9023 DESCRIPTION: strongSwan is vulnerable to a denial of service, caused by the improper handling of CHOICE types ...
CVE-2017-9022
The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpzpowmsec, which allows remote peers to cause a denial of service floating point exception and process crash via a crafted certificate...
CVE-2017-9022
CVE-2017-9022 affects strongSwan via the gmp plugin, where RSA public keys are not properly validated before mpz_powm_sec, enabling a remote attacker to trigger a denial of service with crafted certificates. Connected IBM advisories confirm the issue and provide remediation guidance: firmware fix...
SUSE SLES11 Security Update : strongswan (SUSE-SU-2017:1471-1)
This update for strongswan fixes the following issues : - CVE-2017-9022: Insufficient Input Validation in gmp Plugin leads to Denial of service bsc1039514 - CVE-2017-9023: Incorrect x509 ASN.1 parser error handling could lead to Denial of service bsc1039515 Note that Tenable Network Security has...
Ubuntu 14.04 LTS / 16.04 LTS : strongSwan vulnerabilities (USN-3301-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3301-1 advisory. It was discovered that the strongSwan gmp plugin incorrectly validated RSA public keys. A remote attacker could use this issue to cause...
CVE-2017-9022
The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpzpowmsec, which allows remote peers to cause a denial of service floating point exception and process crash via a crafted certificate...
Debian: Security Advisory (DSA-3866-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...