39 matches found
MiracleLinux 8 : libreswan-4.5-1.el8.1 (AXSA:2023-5324:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5324:01 advisory. libreswan: Malicious IKEv1 Aggressive Mode packets can crash libreswan CVE-2023-30570 Tenable has extracted the preceding description block directly from the...
EUVD-2023-33801
Malicious code in bioql PyPI...
TencentOS Server 4: libreswan (TSSA-2024:0008)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0008 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 3: libreswan (TSSA-2023:0085)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0085 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2023-30570 affecting package libreswan for versions less than 4.15-1
CVE-2023-30570 affecting package libreswan for versions less than 4.15-1. An upgraded version of the package is available that resolves this issue...
CBL Mariner 2.0 Security Update: libreswan (CVE-2023-30570)
The version of libreswan installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-30570 advisory. - pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via...
Azure Linux 3.0 Security Update: libreswan (CVE-2023-30570)
The version of libreswan installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-30570 advisory. - pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via...
libreswan: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux
A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...
libreswan: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux
A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...
libreswan security and bug fix update
4.12-1.0.1.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-1.1 - Fix CVE-2024-2357 RHEL-29734 - x509: unpack IPv6 general names based on length RHEL-32719 4.12-1 - Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 - Resolves: rhbz2215956 4.9-5 - Just bumping u...
Mageia: Security Advisory (MGASA-2024-0085)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : libreswan (CESA-2023:2122)
The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2023:2122 advisory. - pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The...
libreswan security update
4.12-1.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-1 - Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 - Resolves: rhbz2215956 4.9-5 - Just bumping up the version to include bugs for CVE-2023-2295. There is no code fix for it. Fix for it is including t...
SUSE CVE-2023-30570
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
OESA-2023-1318 libreswan security update
Libreswan is an implementation of IKEv1 and IKEv2 for IPsec. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...
CVE-2023-30570
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
CVE-2023-30570
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
CVE-2023-30570
Libreswan (pluto) vulnerabilities exist in versions before 4.11, caused by an IKEv1 Aggressive Mode handling that can crash the pluto daemon and cause a denial of service. The earliest affected release is 3.28. Multiple advisories and CVE coverage confirm the issue, with fixes available in later ...
CVE-2023-30570
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
libreswan security update
4.9-3.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.9-3 - Fix CVE-2023-30570: Malicious IKEv1 Aggressive Mode packets can crash libreswan - Resolves: rhbz2187179...