37 matches found
SUSE-SU-2026:1307-1 Security update for strongswan
This update for strongswan fixes the following issue: - CVE-2026-25075: integer underflow when handling EAP-TTLS AVP (bsc#1259472)...
MGASA-2026-0072 Updated strongswan packages fix security vulnerability
strongSwan 4.5.0 < 6.0.5 EAP-TTLS AVP Parsing Integer Underflow. CVE-2026-25075...
[SECURITY] [DLA 4512-1] strongswan security update
Debian LTS Advisory DLA-4512-1 https://www.debian.org/lts/security/ Thorsten Alteholz March 27, 2026 https://wiki.debian.org/LTS -...
strongSwan 4.5.0 < 6.0.5 EAP-TTLS AVP Parsing Integer Underflow
...
SUSE SLED15 / SLES15 Security Update : strongswan (SUSE-SU-2026:0980-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0980-1 advisory. - CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP (bsc#1259472). Tenable has extracted the preceding...
SUSE SLES15 / openSUSE 15 Security Update : strongswan (SUSE-SU-2026:0979-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0979-1 advisory. - CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP (bsc#1259472). Tenable has extracted the preceding descripti...
SUSE SLES15 Security Update : strongswan (SUSE-SU-2026:0978-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0978-1 advisory. - CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP (bsc#1259472). Other bug fixes: - Fix rpm scripts to not break swanctl.conf...
strongSwan 4.5.0 < 6.0.5 DoS Vulnerability
strongSwan is prone to a denial of service (DoS) vulnerability. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders...
Ubuntu: Security Advisory (USN-8117-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2026-25075
strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the...
SUSE-SU-2026:0980-1 Security update for strongswan
This update for strongswan fixes the following issues: - CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP (bsc#1259472)...
Security update for strongswan
This update for strongswan fixes the following issues: CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP (bsc#1259472). Other bug fixes: - Fix rpm scripts to not break swanctl.conf use (bsc#1256442): Guard rpm migration scripts migrating strongswan.service using ipsec.conf on less than...
EUVD-2007-2023
Malware in sbrugna...
Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool
Palo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass. Cataloged as CVE-2024-5910 (CVSS score: 9.3), the vulnerability has been described as a case of missing authentication in its...
Null pointer dereference
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...
SUSE CVE-2007-2028
Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUEPAIR...
August 30, 2018—KB4343893 (OS Build 16299.637)
August 30, 2018—KB4343893 (OS Build 16299.637) Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue in Microsoft Foundation Class (MFC) applications that may cause applications t...
FreeRADIUS Server Configuration Tool
Developed for the Linux operating system and written in the Python programming language. The purpose of the program is to configure the FreeRADIUS server easily and quickly. To get a grasp of what FreeRADIUS is, it would help to first understand what the concept RADIUS stands for: RADIUS : RADI...
Access Point Impersonation Attacks: hostapd-wpe
hostapd-wpe – Wireless Pwnage Edition – hostapd-wpe is the replacement for FreeRADIUS-WPE. It implements IEEE 802.1x Authenticator and Authentication Server impersonation attacks to obtain client credentials, establish connectivity to the client, and launch other attacks where applicable...
SuSE Update for NetworkManager, wpa_supplicant, NetworkManager-gnome SUSE-SA:2011:045
Check for the Version of NetworkManager, wpasupplicant, NetworkManager-gnome OpenVAS Vulnerability Test SuSE Update for NetworkManager, wpasupplicant, NetworkManager-gnome SUSE-SA:2011:045 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.ne...