Lucene search
K

24 matches found

OpenVAS
OpenVAS
added 2022/02/19 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2022:14887-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.8AI score0.03511EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.31 views

SUSE: Security Advisory (SUSE-SU-2019:3266-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.07124EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2019/12/12 12:0 a.m.38 views

SUSE SLED12 / SLES12 Security Update : strongswan (SUSE-SU-2019:3266-1)

This update for strongswan provides the following fixes : Security issues fixed : CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker with local user credentials to resource exhaustion and denial of service while reading from the socket bsc1094462. CVE-2018-10811: Fixed a...

7.5CVSS6.7AI score0.07124EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2019/12/03 12:0 a.m.36 views

openSUSE Security Update : strongswan (openSUSE-2019-2598)

This update for strongswan fixes the following issues : Security issues fixed : - CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker with local user credentials to resource exhaustion and denial of service while reading from the socket bsc1094462. - CVE-2018-10811: Fixed...

7.5CVSS6.7AI score0.07124EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2019/02/07 12:0 a.m.34 views

Photon OS 1.0: Strongswan PHSA-2019-1.0-0203

An update of the strongswan package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0203. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS6.7AI score0.01888EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.31 views

Fedora 29 : strongswan (2018-a0d22c2a21)

Updated to release 5.7.1 Security fix for : - CVE-2018-16151 - CVE-2018-16152 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

7.5CVSS6.4AI score0.01888EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.39 views

Fedora 28 : strongswan (2018-61df554bb1)

Updated to release 5.7.1 Security fix for : - CVE-2018-16151 - CVE-2018-16152 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

7.5CVSS6.4AI score0.01888EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/11/27 12:0 a.m.38 views

GLSA-201811-16 : strongSwan: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201811-16 strongSwan: Multiple vulnerabilities Multiple vulnerabilities have been discovered in strongSwan. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could cause a Denial of Service...

7.5CVSS6.5AI score0.07124EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2018/10/16 12:0 a.m.37 views

Fedora 27 : strongswan (2018-9caa6528d2)

Updated to release 5.7.1 Security fix for : - CVE-2018-16151 - CVE-2018-16152 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

7.5CVSS6.4AI score0.01888EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2018/10/16 12:0 a.m.28 views

Fedora Update for strongswan FEDORA-2018-9caa6528d2

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.04009EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2018/10/03 8:20 p.m.30 views

CVE-2018-16152

In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS1 v1.5 signature verification. Consequently, a remote attacker can forge...

7.5CVSS6.3AI score0.1617EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/10/03 12:0 a.m.34 views

Debian DSA-4309-1 : strongswan - security update

Google's OSS-Fuzz revealed an exploitable bug in the gmp plugin caused by the patch that fixes CVE-2018-16151 and CVE-2018-16152 DSA-4305-1. An attacker could trigger it using crafted certificates with RSA keys with very small moduli. Verifying signatures with such keys would cause an integer...

7.5CVSS7.5AI score0.03511EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2018/09/27 12:0 a.m.36 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : strongSwan vulnerabilities (USN-3771-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3771-1 advisory. It was discovered that strongSwan incorrectly handled IKEv2 key derivation. A remote attacker could possibly use this issue to...

7.5CVSS7.1AI score0.07124EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/09/27 12:0 a.m.29 views

Debian DLA-1522-1 : strongswan security update

Sze Yiu Chau and his team from Purdue University and The University of Iowa found several security issues in the gmp plugin for strongSwan, an IKE/IPsec suite. CVE-2018-16151 The OID parser in the ASN.1 code in gmp allows any number of random bytes after a valid OID. CVE-2018-16152 The...

7.5CVSS6.7AI score0.01888EPSS
Exploits0References4
OSV
OSV
added 2018/09/26 9:29 p.m.31 views

CVE-2018-16152

In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS1 v1.5 signature verification. Consequently, a remote attacker can forge...

7.5CVSS7.5AI score0.01888EPSS
Exploits0References8
CVE
CVE
added 2018/09/26 9:0 p.m.253 views

CVE-2018-16152

The GMP-based RSA implementation in strongSwan is affected by CVE-2018-16151 and CVE-2018-16152: the gmp_rsa_public_key.c ASN.1/algorithm identifiers do not strictly reject excess or NULL parameters in PKCS#1 v1.5 signatures, enabling potential Bleichenbacher-style forgery and impersonation when ...

7.5CVSS6AI score0.01888EPSS
Exploits0References8Affected Software1
AlpineLinux
AlpineLinux
added 2018/09/26 9:0 p.m.59 views

CVE-2018-16152

In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS1 v1.5 signature verification. Consequently, a remote attacker can forge...

7.5CVSS7.1AI score0.01888EPSS
Exploits0
Debian
Debian
added 2018/09/26 4:44 p.m.31 views

[SECURITY] [DLA 1522-1] strongswan security update

Package : strongswan Version : 5.2.1-6+deb8u7 CVE ID : CVE-2018-16151 CVE-2018-16152 Sze Yiu Chau and his team from Purdue University and The University of Iowa found several security issues in the gmp plugin for strongSwan, an IKE/IPsec suite. CVE-2018-16151 The OID parser in the ASN.1 code in g...

7.5CVSS8.2AI score0.01888EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/09/26 12:0 a.m.36 views

Ubuntu: Security Advisory (USN-3771-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.07124EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/09/26 12:0 a.m.44 views

Debian: Security Advisory (DLA-1522-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01888EPSS
Exploits0References3
Rows per page
Query Builder