17 matches found
MiracleLinux 8 : libreswan-3.29-7.el8 (AXSA:2020-374:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-374:02 advisory. libreswan: DoS attack via malicious IKEv1 informational exchange message CVE-2020-1763 Tenable has extracted the preceding description block directly from the...
Alibaba Cloud Linux 3 : 0095: libreswan (ALINUX3-SA-2021:0095)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0095 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-1763: An out-of-bounds buffer read flaw wa...
Security Bulletin: Publicly disclosed vulnerability from Libreswan affects IBM Netezza Host Management
Summary Open Source Libreswan is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-1763 DESCRIPTION: libreswan is vulnerable to a denial of service, caused by an out-of-bounds buffer read flaw in the pluto...
NewStart CGSL MAIN 6.01 : libreswan Vulnerability (NS-SA-2020-0035)
The remote NewStart CGSL host, running version MAIN 6.01, has libreswan packages installed that are affected by a vulnerability: - An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to...
Updated libreswan packages fix security vulnerability
Updated libreswan packages fix security vulnerability: An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan. An unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the...
Debian DSA-4684-1 : libreswan - security update
Stephan Zeisberg discovered that the libreswan IPsec implementation could be forced into a crash/restart via a malformed IKEv1 Informational Exchange packet, resulting in denial of service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Oracle Linux 8 : libreswan (ELSA-2020-2070)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-2070 advisory. 3.29-7.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 3.29-7 - Resolves: rhbz1814935 CVE-2020-1763 doS attack via malicious IKEv1 informational...
[SECURITY] [DSA 4684-1] libreswan security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4684-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 13, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4684-1] libreswan security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4684-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 13, 2020 https://www.debian.org/security/faq -...
CVE-2020-1763
An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash...
CVE-2020-1763
An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash...
CVE-2020-1763
Libreswan pluto daemon contained an out-of-bounds buffer read in versions 3.27–3.31. An unauthenticated attacker could crash libreswan by sending specially crafted IKEv1 Informational Exchange packets; the daemon respawns after the crash. Documented advisories from Debian, Mageia, Gentoo, and oth...
Important: Red Hat Security Advisory: libreswan security update
An update for libreswan is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Important: Red Hat Security Advisory: libreswan security update
An update for libreswan is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
libreswan security update
3.29-7.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 3.29-7 - Resolves: rhbz1814935 CVE-2020-1763 doS attack via malicious IKEv1 informational exchange message rhel-8.2.0.z...
RHEL 8 : libreswan (RHSA-2020:2070)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2070 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...
RHEL 8 : libreswan (RHSA-2020:2069)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2069 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...