14 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-10155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the...
Oracle Linux 8 : libreswan (ELSA-2019-3391)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2019-3391 advisory. 3.29-6.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 3.29-6 - Resolves: rhbz1714331 support NSS based IKE KDFs require updated nss for rhbz...
EulerOS 2.0 SP3 : libreswan (EulerOS-SA-2022-1738)
According to the versions of the libreswan package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity...
Huawei EulerOS: Security Advisory for libreswan (EulerOS-SA-2022-1738)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : libreswan (EulerOS-SA-2022-1539)
According to the versions of the libreswan package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity...
Advisory ROSA-SA-2021-1887
Software: libreswan 3.25 OS: Cobalt 7.9 CVE-ID: CVE-2019-10155 CVE-Crit: LOW CVE-DESC: The Libreswan project has discovered a vulnerability in the handling of IKEv1 information exchange packets that are encrypted and integrity protected using the established IKE SA encryption and integrity keys,...
CentOS 8 : libreswan (CESA-2019:3391)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2019:3391 advisory. - libreswan: vulnerability in the processing of IKEv1 informational packets due to missing integrity check CVE-2019-10155 - libreswan: null-pointer...
Huawei EulerOS: Security Advisory for libreswan (EulerOS-SA-2020-2312)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Low: Red Hat Security Advisory: libreswan security and bug fix update
An update for libreswan is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Security Bulletin: Multiple vulnerabilities in Open Source Libreswan affect IBM Netezza Host Management
Summary Open Source Libreswan is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-12312 DESCRIPTION: Libreswan is vulnerable to a denial of service, caused by a NULL pointer dereference in the...
MGASA-2019-0210 Updated libreswan packages fix security vulnerability
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects...
Updated libreswan packages fix security vulnerability
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects...
Fedora 29 : libreswan (2019-1bd9cfb718)
Resolves: rhbz1718986 Updated to 3.29 for CVE-2019-10155 ---- Updated to 3.28 many imported bugfixes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much ...
CVE-2019-10155
The CVE-2019-10155 issue in Libreswan arises from processing IKEv1 informational exchange packets that are encrypted/integrity protected with the IKE SA keys but where the receiver failed to verify the integrity check value. Affected versions are before 3.29. The vulnerability could allow a recip...