Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 3: libreswan (TSSA-2023:0085)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0085 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS7.5AI score0.01606EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 4: libreswan (TSSA-2024:0008)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0008 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.5CVSS6.8AI score0.01606EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.23 views

CentOS 9 : libreswan-4.9-4.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the libreswan-4.9-4.el9 build changelog. - remote DoS via crafted TS payload with an incorrect selector length rhbz2173674 CVE-2023-23009 - pluto in Libreswan before 4.11 allows a...

7.5CVSS6.8AI score0.01606EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/05/24 12:0 a.m.21 views

Oracle Linux 8 : libreswan (ELSA-2023-3095)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-3095 advisory. 4.9-2.0.1.2 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.9-2.2 - Update libreswan-4.9-2176248-authby-rsasig.patch 4.9-2.1 - Resolves: rhbz218764...

6.5CVSS6.5AI score0.01606EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/05/19 12:0 a.m.24 views

AlmaLinux 8 : libreswan (ALSA-2023:3095)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:3095 advisory. - Libreswan 4.9 allows remote attackers to cause a denial of service assert failure and daemon restart via crafted TS payload with an incorrect selector length...

6.5CVSS6.4AI score0.01606EPSS
Exploits1References2
Oracle linux
Oracle linux
added 2023/05/17 12:0 a.m.20 views

libreswan security update

4.9-2.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.9-2 - Fix CVE-2023-23009: remote DoS via crafted TS payload with an incorrect selector length rhbz2173674...

6.5CVSS6.9AI score0.01606EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/05/17 12:0 a.m.18 views

Oracle Linux 9 : libreswan (ELSA-2023-2633)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-2633 advisory. 4.9-2.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.9-2 - Fix CVE-2023-23009: remote DoS via crafted TS payload with an incorrect selector...

6.5CVSS6.5AI score0.01606EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2023/05/09 11:16 a.m.17 views

Moderate: Red Hat Security Advisory: libreswan security update

An update for libreswan is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

6.5CVSS6.7AI score0.01606EPSS
Exploits1References2
OSV
OSV
added 2023/05/09 12:0 a.m.24 views

ALSA-2023:2633 Moderate: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

6.5CVSS6.8AI score0.01606EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/04/24 12:0 a.m.27 views

Fedora 38 : libreswan (2023-a2348480cb)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-a2348480cb advisory. Update to 4.10 for CVE-2023-23009 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

6.5CVSS6.5AI score0.01606EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/04/24 12:0 a.m.16 views

Fedora 37 : libreswan (2023-42ec148952)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-42ec148952 advisory. Update to 4.10 for CVE-2023-23009 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

6.5CVSS6.5AI score0.01606EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/04/23 12:0 a.m.17 views

Fedora: Security Advisory for libreswan (FEDORA-2023-42ec148952)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.7AI score0.01606EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/03/28 12:0 a.m.16 views

Mageia: Security Advisory (MGASA-2023-0089)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.7AI score0.01606EPSS
Exploits1References5
OSV
OSV
added 2023/03/11 7:0 p.m.9 views

MGASA-2023-0089 Updated libreswan packages fix security vulnerability

A change in the libreswan 4.2 Traffic Selector parsing code introduced a missing check that would reject palformed Traffic Selector payloads. As such, in such case the code stumbles on to hit a double free, leading to a crash and restart of the pluto daemon. No remote code execution. CVE-2023-230...

6.5CVSS6.8AI score0.01606EPSS
Exploits1References4
Mageia
Mageia
added 2023/03/11 7:0 p.m.39 views

Updated libreswan packages fix security vulnerability

A change in the libreswan 4.2 Traffic Selector parsing code introduced a missing check that would reject palformed Traffic Selector payloads. As such, in such case the code stumbles on to hit a double free, leading to a crash and restart of the pluto daemon. No remote code execution. CVE-2023-230...

6.5CVSS6.9AI score0.01606EPSS
Exploits1References3
Debian
Debian
added 2023/03/03 7:58 p.m.23 views

[SECURITY] [DSA 5368-1] libreswan security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5368-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 03, 2023 https://www.debian.org/security/faq -...

6.5CVSS6.5AI score0.01606EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/03/03 12:0 a.m.22 views

Debian DSA-5368-1 : libreswan - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dsa-5368 advisory. It was discovered that the libreswan IPsec implementation could be forced into a crash/restart via malformed IKEv2 packets after peer authentication, resulting in denial o...

6.5CVSS6.4AI score0.01606EPSS
Exploits1References6
CVE
CVE
added 2023/02/21 12:0 a.m.138 views

CVE-2023-23009

CVE-2023-23009 affects Libreswan 4.9, enabling remote DoS via a crafted TS payload with an incorrect selector length, causing an assert failure and daemon restart. Connected advisories confirm multiple distributions (e.g., MiracleLinux, TencentOS Server, RHEL/CentOS/Oracle Linux families) referen...

6.5CVSS6.2AI score0.01606EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder