Lucene search
K

26 matches found

OpenVAS
OpenVAS
added 2022/02/19 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2022:14887-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.8AI score0.03511EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2019:3056-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.07124EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.31 views

SUSE: Security Advisory (SUSE-SU-2019:3266-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.07124EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2019/12/12 12:0 a.m.38 views

SUSE SLED12 / SLES12 Security Update : strongswan (SUSE-SU-2019:3266-1)

This update for strongswan provides the following fixes : Security issues fixed : CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker with local user credentials to resource exhaustion and denial of service while reading from the socket bsc1094462. CVE-2018-10811: Fixed a...

7.5CVSS6.7AI score0.07124EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2019/12/03 12:0 a.m.36 views

openSUSE Security Update : strongswan (openSUSE-2019-2598)

This update for strongswan fixes the following issues : Security issues fixed : - CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker with local user credentials to resource exhaustion and denial of service while reading from the socket bsc1094462. - CVE-2018-10811: Fixed...

7.5CVSS6.7AI score0.07124EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2019/02/07 12:0 a.m.34 views

Photon OS 1.0: Strongswan PHSA-2019-1.0-0203

An update of the strongswan package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0203. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS6.7AI score0.01888EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.31 views

Fedora 29 : strongswan (2018-a0d22c2a21)

Updated to release 5.7.1 Security fix for : - CVE-2018-16151 - CVE-2018-16152 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

7.5CVSS6.4AI score0.01888EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.39 views

Fedora 28 : strongswan (2018-61df554bb1)

Updated to release 5.7.1 Security fix for : - CVE-2018-16151 - CVE-2018-16152 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

7.5CVSS6.4AI score0.01888EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/11/27 12:0 a.m.37 views

GLSA-201811-16 : strongSwan: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201811-16 strongSwan: Multiple vulnerabilities Multiple vulnerabilities have been discovered in strongSwan. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could cause a Denial of Service...

7.5CVSS6.5AI score0.07124EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2018/10/16 12:0 a.m.28 views

Fedora Update for strongswan FEDORA-2018-9caa6528d2

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.04009EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/10/16 12:0 a.m.37 views

Fedora 27 : strongswan (2018-9caa6528d2)

Updated to release 5.7.1 Security fix for : - CVE-2018-16151 - CVE-2018-16152 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

7.5CVSS6.4AI score0.01888EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2018/10/03 8:19 p.m.32 views

CVE-2018-16151

In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS1 v1.5 signature verification. Similar to the flaw in the same version of strongSwa...

7.5CVSS4AI score0.01888EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/10/03 12:0 a.m.34 views

Debian DSA-4309-1 : strongswan - security update

Google's OSS-Fuzz revealed an exploitable bug in the gmp plugin caused by the patch that fixes CVE-2018-16151 and CVE-2018-16152 DSA-4305-1. An attacker could trigger it using crafted certificates with RSA keys with very small moduli. Verifying signatures with such keys would cause an integer...

7.5CVSS7.5AI score0.03511EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2018/09/27 12:0 a.m.29 views

Debian DLA-1522-1 : strongswan security update

Sze Yiu Chau and his team from Purdue University and The University of Iowa found several security issues in the gmp plugin for strongSwan, an IKE/IPsec suite. CVE-2018-16151 The OID parser in the ASN.1 code in gmp allows any number of random bytes after a valid OID. CVE-2018-16152 The...

7.5CVSS6.7AI score0.01888EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/09/27 12:0 a.m.36 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : strongSwan vulnerabilities (USN-3771-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3771-1 advisory. It was discovered that strongSwan incorrectly handled IKEv2 key derivation. A remote attacker could possibly use this issue to...

7.5CVSS7.1AI score0.07124EPSS
Exploits0References5
NVD
NVD
added 2018/09/26 9:29 p.m.26 views

CVE-2018-16151

In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS1 v1.5 signature verification. Similar to the flaw in the same version of strongSwa...

7.5CVSS7.5AI score0.01888EPSS
Exploits0References8
OSV
OSV
added 2018/09/26 9:29 p.m.32 views

CVE-2018-16151

In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS1 v1.5 signature verification. Similar to the flaw in the same version of strongSwa...

7.5CVSS7.4AI score0.01888EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2018/09/26 9:0 p.m.26 views

CVE-2018-16151

In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS1 v1.5 signature verification. Similar to the flaw in the same version of strongSwa...

7.5CVSS7.7AI score0.01888EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2018/09/26 9:0 p.m.64 views

CVE-2018-16151

In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS1 v1.5 signature verification. Similar to the flaw in the same version of strongSwa...

7.5CVSS7.6AI score0.01888EPSS
Exploits0
Debian
Debian
added 2018/09/26 4:44 p.m.31 views

[SECURITY] [DLA 1522-1] strongswan security update

Package : strongswan Version : 5.2.1-6+deb8u7 CVE ID : CVE-2018-16151 CVE-2018-16152 Sze Yiu Chau and his team from Purdue University and The University of Iowa found several security issues in the gmp plugin for strongSwan, an IKE/IPsec suite. CVE-2018-16151 The OID parser in the ASN.1 code in g...

7.5CVSS8.2AI score0.01888EPSS
Exploits0
Rows per page
Query Builder