70 matches found
AZL-74766 CVE-2025-62291 affecting package strongswan for versions less than 5.9.10-4
In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...
CVE-2025-62291
In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...
ALPINE-CVE-2025-62291
In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...
CVE-2025-62291
CVE-2025-62291 affects the eap-mschapv2 plugin in strongSwan (client-side). Vulnerable when using strongSwan before 6.0.3; a crafted EAP-MSCHAPv2 Failure message can trigger an integer underflow, potentially causing a heap-based buffer overflow. Connected advisories note patched packages: strongS...
openSUSE 16 Security Update : strongswan (openSUSE-SU-2025-20132-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2025-20132-1 advisory. - CVE-2025-62291: Fixed buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941. Tenable has extracted the preceding description block...
SUSE-SU-2025:21167-1 Security update for strongswan
This update for strongswan fixes the following issues: - CVE-2025-62291: Fixed buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941...
Mageia: Security Advisory (MGASA-2025-0272)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2025:3904-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 4359-1] strongswan security update
Debian LTS Advisory DLA-4359-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 03, 2025 https://wiki.debian.org/LTS Package : strongswan Version : 5.9.1-1+deb11u5 CVE ID : CVE-2025-62291 Xu Biang discovered a buffer overflow bug in the eap-mschapv2 plugin...
Debian dla-4359 : charon-cmd - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4359 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4359-1 [email protected] https://www.debian.org/lts/security/...
SUSE: Security Advisory (SUSE-SU-2025:3873-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2025:3904-1 Security update for strongswan
This update for strongswan fixes the following issues: - CVE-2025-62291: fixed buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941...
SUSE: Security Advisory (SUSE-SU-2025:3855-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2025:3855-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2025:3856-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2025:3857-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 Security Update : strongswan (SUSE-SU-2025:3856-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3856-1 advisory. - CVE-2025-62291: fixed a buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941 Tenable has extracted the preceding...
SUSE-SU-2025:3857-1 Security update for strongswan
This update for strongswan fixes the following issues: - CVE-2025-62291: fixed buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941...
Security update for strongswan
This update for strongswan fixes the following issues: CVE-2025-62291: fixed a buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...
SUSE-SU-2025:3856-1 Security update for strongswan
This update for strongswan fixes the following issues: - CVE-2025-62291: fixed a buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941...