Unity Linux 20.1070e Security Update: strongswan (UTSA-2026-016762)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016762 advisory. In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and in the case of EAP methods...
EUVD-2021-31872
Malicious code in bioql PyPI...
GLSA-202405-08 : strongSwan: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202405-08 strongSwan: Multiple Vulnerabilities - The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger...
openSUSE 15 Security Update : strongswan (openSUSE-SU-2022:0492-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0492-1 advisory. - In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and in the...
SUSE SLED15: strongswan / strongswan-doc / strongswan-hmac / strongswan-ipsec / etc (SUSE-SU-2022:0492-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0492-1 advisory. - CVE-2021-45079: Fixed authentication bypass in EAP authentication (bsc#1194471). Tenable has extracted the preceding...
SUSE SLES11 Security Update : strongswan (SUSE-SU-2022:14887-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:14887-1 advisory. - In verify_emsa_pkcs1_signature in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on G...
strongSwan 4.1.2 < 5.9.5 Early EAP-Success Messages Vulnerability
strongSwan is prone to an incorrect handling of early EAP-Success messages vulnerability. Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later Th...
CVE-2021-45079
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2 even without server authentication...
ALPINE-CVE-2021-45079
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2 even without server authentication...
CVE-2021-45079
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2 even without server authentication...
Authentication flaw
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2 even without server authentication...
CVE-2021-45079
Summary: CVE-2021-45079 affects strongSwan prior to 5.9.5. A malicious responder can send an EAP-Success message before proper authentication, and in EAP methods with mutual authentication and EAP-only authentication for IKEv2, potentially bypassing server authentication. What is affected: strong...
CVE-2021-45079
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2 even without server authentication...
CVE-2021-45079
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2 even without server authentication...
CVE-2021-45079
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2 even without server authentication...
Debian DSA-5056-1 : strongswan - security update
The remote Debian 10 / 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5056 advisory. Zhuowei Zhang discovered a bug in the EAP authentication client code of strongSwan, an IKE/IPsec suite, that may allow to bypass the client and in some scenarios even...
FreeBSD : strongswan - Incorrect Handling of Early EAP-Success Messages (ccaea96b-7dcd-11ec-93df-00224d821998)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ccaea96b-7dcd-11ec-93df-00224d821998 advisory. - In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without...
SUSE SLES15: strongswan / strongswan-doc / strongswan-hmac / strongswan-ipsec / etc (SUSE-SU-2022:0211-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0211-1 advisory. - CVE-2021-45079: Fixed authentication bypass in EAP authentication (bsc#1194471). Tenable has extracted the preceding description block direct...
Authentication Bypass
strongswan is vulnerable to Authentication Bypass. The vulnerability exists due to improper handling of EAP-Success messages. A remote attacker can send a specially crafted early EAP-Success message to the affected system and bypass authentication or perform a denial of service attack...
Ubuntu 18.04 LTS / 20.04 LTS : strongSwan vulnerability (USN-5250-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5250-1 advisory. Zhuowei Zhang discovered that strongSwan incorrectly handled EAP authentication. A remote attacker could use this issue to cause strongSwan to crash,...