Lucene search
K

7 matches found

AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.7 views

Astra Linux – Vulnerability in StrongSwan

In the eap-mschapv2 plugin client-side in strongSwan, prior to version 6.0.3, a malicious EAP-MSCHAPv2 server could send a crafted message with a size of 6 to 8 bytes, causing an integer underflow, which could potentially lead to a heap-based buffer overflow...

8.1CVSS5.7AI score0.00879EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.2 views

PT-2025-44223

Name of the Vulnerable Software and Affected Versions strongSwan versions 5.9.13-2ubuntu4.25.04.1 Description The strongSwan client had an incorrect handling of EAP-MSCHAPv2 failure requests. An attacker could potentially cause a denial of service, or possibly execute arbitrary code, by tricking ...

8.1CVSS7.3AI score0.00879EPSS
Exploits0References27
OPENSUSE Linux
OPENSUSE Linux
added 2019/05/08 12:0 a.m.125 views

Security update for wpa_supplicant (moderate)

openSUSE Security Update: Security update for wpasupplicant Announcement ID: openSUSE-SU-2019:1345-1 Rating: moderate References: 1104205 1109209 Cross-References: CVE-2018-14526 Affected Products: openSUSE Leap 42.3 An update that solves one vulnerability and has one errata is now available...

6.5CVSS6.4AI score0.01476EPSS
Exploits0References2
OSV
OSV
added 2019/04/29 11:30 a.m.7 views

SUSE-SU-2019:1088-1 Security update for wpa_supplicant

This update for wpasupplicant fixes the following issues: This security issue was fixed: - CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused the...

6.5CVSS6.5AI score0.01476EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/10/29 12:0 a.m.21 views

openSUSE Security Update : wpa_supplicant (openSUSE-2018-1316)

This update for wpasupplicant provides the following fixes : This security issues was fixe : - CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused t...

6.5CVSS6.6AI score0.01476EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2018/10/28 12:0 a.m.28 views

openSUSE: Security Advisory for wpa_supplicant (openSUSE-SU-2018:3539-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.5AI score0.01476EPSS
Exploits0References2
Debian
Debian
added 2015/11/19 12:46 p.m.24 views

[SECURITY] [DLA 345-1] strongswan security update

Package : strongswan Version : 4.4.1-5.8 CVE ID : CVE-2015-8023 Tobias Brunner found an authentication bypass vulnerability in strongSwan, an IKE/IPsec suite. Due to insufficient validation of its local state the server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin can be...

5CVSS7.5AI score0.02582EPSS
Exploits0
Rows per page
Query Builder