Lucene search
+L

28 matches found

OpenVAS
OpenVAS
added 2025/02/13 12:0 a.m.5 views

SUSE: Security Advisory (SUSE-SU-2022:0202-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.2AI score0.02784EPSS
Exploits0References4
OSV
OSV
added 2022/11/11 11:4 a.m.4 views

OESA-2022-2068 strongswan security update

The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel. Security Fixes: In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually...

9.1CVSS6.8AI score0.02784EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2022/04/26 8:17 p.m.46 views

CVE-2021-45079 affecting package strongswan for versions less than 5.9.5-1

CVE-2021-45079 affecting package strongswan for versions less than 5.9.5-1. An upgraded version of the package is available that resolves this issue...

9.1CVSS9.4AI score0.02784EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/02/22 12:0 a.m.43 views

openSUSE 15 Security Update : strongswan (openSUSE-SU-2022:0492-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0492-1 advisory. - In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and in the...

9.1CVSS7.3AI score0.02784EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/02/22 12:0 a.m.23 views

openSUSE: Security Advisory for strongswan (openSUSE-SU-2022:0492-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1CVSS9.3AI score0.02784EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/19 12:0 a.m.38 views

SUSE SLED15: strongswan / strongswan-doc / strongswan-hmac / strongswan-ipsec / etc (SUSE-SU-2022:0492-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0492-1 advisory. - CVE-2021-45079: Fixed authentication bypass in EAP authentication. bsc1194471 Tenable has extracted the preceding...

9.1CVSS7.2AI score0.02784EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/02/19 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2022:14887-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.8AI score0.03511EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2022/02/19 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2022:0492-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.2AI score0.02784EPSS
Exploits0References4
OSV
OSV
added 2022/02/18 9:33 a.m.4 views

OPENSUSE-SU-2022:0492-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2021-45079: Fixed authentication bypass in EAP authentication. bsc1194471...

9.1CVSS9.4AI score0.02784EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2022/02/18 12:0 a.m.23 views

Security update for strongswan (important)

openSUSE Security Update: Security update for strongswan Announcement ID: openSUSE-SU-2022:0492-1 Rating: important References: 1194471 Cross-References: CVE-2021-45079 CVSS scores: CVE-2021-45079 NVD : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVE-2021-45079 SUSE: 6.5...

6.5CVSS7.8AI score0.02784EPSS
Exploits0References1
OSV
OSV
added 2022/02/11 11:3 a.m.2 views

OESA-2022-1525 strongswan security update

The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel. Security Fixes: In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually...

9.1CVSS6.8AI score0.02784EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/02/04 12:0 a.m.12 views

Fedora: Security Advisory for strongswan (FEDORA-2022-0e87c7994f)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1CVSS9.3AI score0.02784EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/04 12:0 a.m.27 views

Debian DLA-2909-1 : strongswan - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2909 advisory. Zhuowei Zhang discovered a bug in the EAP authentication client code of strongSwan, an IKE/IPsec suite, that may allow to bypass the client and in some scenarios even the...

9.1CVSS7.4AI score0.02784EPSS
Exploits0References5
Debian
Debian
added 2022/02/03 7:29 p.m.85 views

[SECURITY] [DLA 2909-1] strongswan security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2909-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta February 03, 2022 https://wiki.debian.org/LTS -...

9.1CVSS9.4AI score0.02784EPSS
Exploits0
NVD
NVD
added 2022/01/31 8:15 a.m.26 views

CVE-2021-45079

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2 even without server authentication...

9.1CVSS0.02784EPSS
Exploits0References1
OSV
OSV
added 2022/01/31 8:15 a.m.23 views

CVE-2021-45079

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2 even without server authentication...

9.1CVSS6.9AI score
Exploits0References1
Cvelist
Cvelist
added 2022/01/31 7:15 a.m.41 views

CVE-2021-45079

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2 even without server authentication...

9.5AI score0.02784EPSS
Exploits0References1
CVE
CVE
added 2022/01/31 7:15 a.m.148 views

CVE-2021-45079

Summary: CVE-2021-45079 affects strongSwan prior to 5.9.5. A malicious responder can send an EAP-Success message before proper authentication, and in EAP methods with mutual authentication and EAP-only authentication for IKEv2, potentially bypassing server authentication. What is affected: strong...

9.1CVSS9.1AI score0.02784EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/01/31 12:0 a.m.43 views

Debian DSA-5056-1 : strongswan - security update

The remote Debian 10 / 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5056 advisory. Zhuowei Zhang discovered a bug in the EAP authentication client code of strongSwan, an IKE/IPsec suite, that may allow to bypass the client and in some scenarios even...

9.1CVSS7.3AI score0.02784EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/01/30 12:0 a.m.78 views

FreeBSD : strongswan - Incorrect Handling of Early EAP-Success Messages (ccaea96b-7dcd-11ec-93df-00224d821998)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ccaea96b-7dcd-11ec-93df-00224d821998 advisory. - In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without...

9.1CVSS7.3AI score0.02784EPSS
Exploits0References3
Rows per page
Query Builder