Lucene search
K

10 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:45 a.m.3 views

SUSE CVE-2017-9022

The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpzpowmsec, which allows remote peers to cause a denial of service floating point exception and process crash via a crafted certificate...

5.9CVSS6.7AI score0.01731EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2017:1473-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.02222EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.27 views

Security Bulletin: Vulnerabilities in strongSwan affect IBM Chassis Management Module (CVE-2017-9022, CVE-2017-9023)

Summary IBM Chassis Management Module has addressed the following vulnerabilities in strongSwan. Vulnerability Details Summary IBM Chassis Management Module has addressed the following vulnerabilities in strongSwan. Vulnerability Details: CVEID: CVE-2017-9022 Description: strongSwan is vulnerable...

7.5CVSS0.7AI score0.02222EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:38 a.m.31 views

Security Bulletin: Multiple vulnerabilities in strongswan affect IBM Flex System Manager (FSM) (CVE-2017-9023, CVE-2017-9022)

Summary Multiple vulnerabilities have been identified in strongswan that is embedded in the FSM. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2017-9023 DESCRIPTION: strongSwan is vulnerable to a denial of service, caused by the improper handling of CHOICE types ...

7.5CVSS1.8AI score0.02222EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2017/06/08 4:0 p.m.20 views

CVE-2017-9022

The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpzpowmsec, which allows remote peers to cause a denial of service floating point exception and process crash via a crafted certificate...

7.1AI score0.01731EPSS
Exploits0References4
CVE
CVE
added 2017/06/08 4:0 p.m.136 views

CVE-2017-9022

CVE-2017-9022 affects strongSwan via the gmp plugin, where RSA public keys are not properly validated before mpz_powm_sec, enabling a remote attacker to trigger a denial of service with crafted certificates. Connected IBM advisories confirm the issue and provide remediation guidance: firmware fix...

7.5CVSS7AI score0.01731EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/06/02 12:0 a.m.42 views

SUSE SLES11 Security Update : strongswan (SUSE-SU-2017:1471-1)

This update for strongswan fixes the following issues : - CVE-2017-9022: Insufficient Input Validation in gmp Plugin leads to Denial of service bsc1039514 - CVE-2017-9023: Incorrect x509 ASN.1 parser error handling could lead to Denial of service bsc1039515 Note that Tenable Network Security has...

7.5CVSS6.8AI score0.02222EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2017/05/31 12:0 a.m.52 views

Ubuntu 14.04 LTS / 16.04 LTS : strongSwan vulnerabilities (USN-3301-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3301-1 advisory. It was discovered that the strongSwan gmp plugin incorrectly validated RSA public keys. A remote attacker could use this issue to cause...

7.5CVSS6.9AI score0.02222EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2017/05/30 12:0 p.m.22 views

CVE-2017-9022

The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpzpowmsec, which allows remote peers to cause a denial of service floating point exception and process crash via a crafted certificate...

7.5CVSS6.9AI score0.01731EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/05/29 12:0 a.m.23 views

Debian: Security Advisory (DSA-3866-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02222EPSS
Exploits0References3
Rows per page
Query Builder