24 matches found
TencentOS Server 4: libreswan (TSSA-2024:0008)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0008 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
RHEL 9 : libreswan (RHSA-2025:0309)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:0309 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide...
libreswan security and bug fix update
4.12-1.0.1.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-1.1 - Fix CVE-2024-2357 RHEL-29734 - x509: unpack IPv6 general names based on length RHEL-32719 4.12-1 - Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 - Resolves: rhbz2215956 4.9-5 - Just bumping u...
Mageia: Security Advisory (MGASA-2024-0085)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-38711 affecting package libreswan for versions less than 4.7-6
CVE-2023-38711 affecting package libreswan for versions less than 4.7-6. A patched version of the package is available...
Oracle Linux 8 : libreswan (ELSA-2023-7052)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-7052 advisory. - Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 Tenable has extracted the preceding description block directly from the Oracle...
Oracle Linux 9 : libreswan (ELSA-2023-6549)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-6549 advisory. - Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 - Just bumping up the version to include bugs for CVE-2023-2295. There is no cod...
Moderate: Red Hat Security Advisory: libreswan security update
An update for libreswan is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Moderate: libreswan security update
Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...
CentOS 8 : libreswan (CESA-2023:7052)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:7052 advisory. - An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an erro...
RHEL 8 : libreswan (RHSA-2023:7052)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7052 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide...
ALSA-2023:7052 Moderate: libreswan security update
Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...
libreswan security update
4.12-1.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.12-1 - Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 - Resolves: rhbz2215956 4.9-5 - Just bumping up the version to include bugs for CVE-2023-2295. There is no code fix for it. Fix for it is including t...
Moderate: Red Hat Security Advisory: libreswan security update
An update for libreswan is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Moderate: libreswan security update
Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...
RHEL 9 : libreswan (RHSA-2023:6549)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6549 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide...
CVE-2023-38711 affecting package libreswan for versions less than 4.7-5
CVE-2023-38711 affecting package libreswan for versions less than 4.7-5. A patched version of the package is available...
OESA-2023-1581 libreswan security update
Libreswan is an implementation of IKEv1 and IKEv2 for IPsec. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. Security Fixes: An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains ...
CVE-2023-38711
CVE-2023-38711 affects Libreswan before 4.12. An IKEv1 Quick Mode connection using ID_IPV4_ADDR/ID_IPV6_ADDR and receiving an IDcr with ID_FQDN triggers a NULL pointer dereference, causing the pluto daemon to crash and restart. Earliest affected version is 4.6. Remediation seen in connected advis...
CVE-2023-38711
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with IDIPV4ADDR or IDIPV6ADDR receives an IDcr payload with IDFQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6...