19 matches found
EUVD-2014-2111
Malware in sbrugna...
CVE-2022-4967
strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch CWE-297. When certificates are used to authenticate clients in TLS-based EAP methods, the IKE or EAP identity supplied by a client is not enforced to be...
CVE-2022-4967
strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch CWE-297. When certificates are used to authenticate clients in TLS-based EAP methods, the IKE or EAP identity supplied by a client is not enforced to be...
CVE-2023-26463
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...
Null pointer dereference
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...
FreeBSD : strongSwan -- certificate verification vulnerability (3f9b6943-ba58-11ed-bbbd-00e0670f2660)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3f9b6943-ba58-11ed-bbbd-00e0670f2660 advisory. - strongSwan reports: A vulnerability related to certificate verification in TLS-based EAP methods was...
PT-2023-2354 · Unknown +2 · Strongswan +2
Name of the Vulnerable Software and Affected Versions: strongSwan versions 5.9.8 through 5.9.9 Description: The issue is related to incorrect access control and an expired pointer dereference due to the use of a variable named public for two different purposes within the same function. This can...
strongSwan -- certificate verification vulnerability
strongSwan reports: A vulnerability related to certificate verification in TLS-based EAP methods was discovered in strongSwan that results in a denial of service but possibly even remote code execution. Versions 5.9.8 and 5.9.9 may be affected...
Authentication flaw
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2 even without server authentication...
SUSE: Security Advisory (SUSE-SU-2020:3424-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Eaphammer v1.9.0 - Targeted Evil Twin Attacks Against WPA2-Enterprise Networks
by Gabriel Ryan s0lst1c3gryanatspecterops.io EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks. It is designed to be used in full scope wireless assessments and red team engagements. As such, focus is placed on providing an easy-to-use interface tha...
Denial Of Service (DoS)
freeradius is vulnerable to denial of service DoS attacks. The vulnerability exists as a stack-based buffer overflow in the cbtlsverify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service server crash and possibly...
CVE-2014-2071
Aruba Networks ClearPass Policy Manager 6.1.x, 6.2.x before 6.2.5.61640 and 6.3.x before 6.3.0.61712, when configured to use tunneled and non-tunneled EAP methods in a single policy construct, allows remote authenticated users to gain privileges by advertising independent inner and outer identiti...
CVE-2014-2071
Aruba Networks ClearPass Policy Manager 6.1.x, 6.2.x before 6.2.5.61640 and 6.3.x before 6.3.0.61712, when configured to use tunneled and non-tunneled EAP methods in a single policy construct, allows remote authenticated users to gain privileges by advertising independent inner and outer identiti...
Mandriva Linux Security Advisory : freeradius (MDVSA-2013:038)
Updated freeradius packages fixes security vulnerabilities : It was found that the unix module ignored the password expiration setting in /etc/shadow. If FreeRADIUS was configured to use this module for user authentication, this flaw could allow users with an expired password to successfully...
CVE-2012-3547
Stack-based buffer overflow in the cbtlsverify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via a long "not after" timestamp in a client certificate...
CVE-2012-3547
Stack-based buffer overflow in the cbtlsverify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via a long "not after" timestamp in a client certificate...
CVE-2012-3547
Stack-based buffer overflow in the cbtlsverify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via a long "not after" timestamp in a client certificate...
CVE-2012-3547
Stack-based buffer overflow in the cbtlsverify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via a long "not after" timestamp in a client certificate...