10 matches found
SUSE: Security Advisory (SUSE-SU-2020:0743-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for strongswan (openSUSE-SU-2020:0403-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : strongswan (SUSE-SU-2020:0743-1)
This update for strongswan fixes the following issues : Strongswan was updated to version 5.8.2 jscSLE-11370. Security issue fixed : CVE-2018-6459: Fixed a DoS vulnerability in the parser for PKCS1 RSASSA-PSS signatures that was caused by insufficient input validation bsc1079548. Full changelogs ...
SUSE-SU-2020:0743-1 Security update for strongswan
This update for strongswan fixes the following issues: Strongswan was updated to version 5.8.2 jscSLE-11370. Security issue fixed: - CVE-2018-6459: Fixed a DoS vulnerability in the parser for PKCS1 RSASSA-PSS signatures that was caused by insufficient input validation bsc1079548. Full changelogs:...
GLSA-201811-16 : strongSwan: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201811-16 strongSwan: Multiple vulnerabilities Multiple vulnerabilities have been discovered in strongSwan. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could cause a Denial of Service...
FreeBSD : strongswan - Insufficient input validation in RSASSA-PSS signature parser (6a449a37-1570-11e8-8e00-000c294a5758)
Strongswan Release Notes reports : Fixed a DoS vulnerability in the parser for PKCS1 RSASSA-PSS signatures that was caused by insufficient input validation. One of the configurable parameters in algorithm identifier structures for RSASSA-PSS signatures is the mask generation function MGF. Only MG...
CVE-2018-6459
The rsapssparamsparse function in libstrongswan/credentials/keys/signatureparams.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter...
CVE-2018-6459
The rsapssparamsparse function in libstrongswan/credentials/keys/signatureparams.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter...
CVE-2018-6459
CVE-2018-6459 – strongSwan DoS in RSASSA-PSS parsing affected software/versions: strongSwan 5.6.1 (RSA-PSS signature parsing code in libstrongswan/credentials/keys/signature_params.c). root cause: the rsa_pss_params_parse function mishandles a missing mask generation function (MGF) parameter in R...
strongswan - Insufficient input validation in RSASSA-PSS signature parser
Strongswan Release Notes reports: Fixed a DoS vulnerability in the parser for PKCS1 RSASSA-PSS signatures that was caused by insufficient input validation. One of the configurable parameters in algorithm identifier structures for RSASSA-PSS signatures is the mask generation function MGF. Only MGF...