Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2017-9023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of...

7.5CVSS6.8AI score0.02222EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2017:1473-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.02222EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for strongimcv (EulerOS-SA-2019-2702)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02222EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for strongimcv (EulerOS-SA-2019-2668)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.04009EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/12/23 12:0 a.m.58 views

EulerOS 2.0 SP5 : strongimcv (EulerOS-SA-2019-2702)

According to the version of the strongimcv package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to...

7.5CVSS6.9AI score0.02222EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/12/18 12:0 a.m.38 views

EulerOS 2.0 SP3 : strongimcv (EulerOS-SA-2019-2668)

According to the versions of the strongimcv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In strokesocket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource...

7.5CVSS6.9AI score0.04009EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/12/04 12:0 a.m.33 views

EulerOS 2.0 SP2 : strongimcv (EulerOS-SA-2019-2447)

According to the versions of the strongimcv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to...

7.5CVSS6.9AI score0.04009EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.27 views

Security Bulletin: Vulnerabilities in strongSwan affect IBM Chassis Management Module (CVE-2017-9022, CVE-2017-9023)

Summary IBM Chassis Management Module has addressed the following vulnerabilities in strongSwan. Vulnerability Details Summary IBM Chassis Management Module has addressed the following vulnerabilities in strongSwan. Vulnerability Details: CVEID: CVE-2017-9022 Description: strongSwan is vulnerable...

7.5CVSS0.7AI score0.02222EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:38 a.m.31 views

Security Bulletin: Multiple vulnerabilities in strongswan affect IBM Flex System Manager (FSM) (CVE-2017-9023, CVE-2017-9022)

Summary Multiple vulnerabilities have been identified in strongswan that is embedded in the FSM. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2017-9023 DESCRIPTION: strongSwan is vulnerable to a denial of service, caused by the improper handling of CHOICE types ...

7.5CVSS1.8AI score0.02222EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/07/20 12:0 a.m.29 views

FreeBSD : strongswan -- Denial-of-service vulnerability in the x509 plugin (c7e8e955-6c61-11e7-9b01-2047478f2f70)

strongSwan security team reports : ASN.1 CHOICE types are not correctly handled by the ASN.1 parser when parsing X.509 certificates with extensions that use such types. This could lead to infinite looping of the thread parsing a specifically crafted certificate. %NASLMINLEVEL 70300 C Tenable...

7.5CVSS6.9AI score0.02222EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2017/06/08 4:0 p.m.1 views

CVE-2017-9023

The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service infinite loop via a crafted certificate...

6.3AI score0.02222EPSS
Exploits0References4
CVE
CVE
added 2017/06/08 4:0 p.m.122 views

CVE-2017-9023

CVE-2017-9023 affects strongSwan’s ASN.1 CHOICE handling when the x509 plugin is enabled, enabling remote denial of service via a crafted certificate. Concrete details in connected docs include affected product families (strongSwan deployments embedded in IBM FSM/IMM2, CMM and AMM advisories), th...

7.5CVSS7AI score0.02222EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/06/02 12:0 a.m.42 views

SUSE SLES11 Security Update : strongswan (SUSE-SU-2017:1471-1)

This update for strongswan fixes the following issues : - CVE-2017-9022: Insufficient Input Validation in gmp Plugin leads to Denial of service bsc1039514 - CVE-2017-9023: Incorrect x509 ASN.1 parser error handling could lead to Denial of service bsc1039515 Note that Tenable Network Security has...

7.5CVSS6.8AI score0.02222EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2017/05/31 7:49 a.m.34 views

CVE-2017-9023

The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service infinite loop via a crafted certificate...

7.5CVSS5.5AI score0.02222EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/05/31 12:0 a.m.52 views

Ubuntu 14.04 LTS / 16.04 LTS : strongSwan vulnerabilities (USN-3301-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3301-1 advisory. It was discovered that the strongSwan gmp plugin incorrectly validated RSA public keys. A remote attacker could use this issue to cause...

7.5CVSS6.9AI score0.02222EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2017/05/29 12:0 a.m.23 views

Debian: Security Advisory (DSA-3866-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02222EPSS
Exploits0References3
Rows per page
Query Builder