117 matches found
EUVD-2018-8007
Malware in sbrugna...
EUVD-2018-9293
Malware in sbrugna...
EUVD-2021-28980
Malicious code in bioql PyPI...
SUSE CVE-2012-2388
The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a 1 empty or 2 zeroed RSA signature, aka "RSA signature verification vulnerability."...
SUSE CVE-2017-9022
The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpzpowmsec, which allows remote peers to cause a denial of service floating point exception and process crash via a crafted certificate...
SUSE CVE-2017-11185
The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted RSA signature...
SUSE CVE-2018-16152
In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS1 v1.5 signature verification. Consequently, a remote attacker can forge...
SUSE CVE-2021-41990
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur...
SUSE SLES11 Security Update : strongswan (SUSE-SU-2022:14887-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:14887-1 advisory. - In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on G...
FreeBSD : strongswan - denial-of-service vulnerability in the gmp plugin/denial-of-service vulnerability in the in-memory certificate cache (58528a94-5100-4208-a04d-edc01598cf01)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 58528a94-5100-4208-a04d-edc01598cf01 advisory. - The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted...
Ubuntu 18.04 LTS / 20.04 LTS : strongSwan vulnerabilities (USN-5111-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5111-1 advisory. It was discovered that strongSwan incorrectly handled certain RSASSA-PSS signatures. A remote attacker could use this issue to cause strongSw...
DEBIAN-CVE-2021-41990
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur...
ALPINE-CVE-2021-41990
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur...
AZL-6896 CVE-2021-41990 affecting package strongswan for versions less than 5.9.5-1
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur...
CVE-2021-41990
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur...
CVE-2021-41990
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur...
Integer overflow
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur...
CVE-2021-41990
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur...
CVE-2021-41990
CVE-2021-41990 affects the gmp plugin in strongSwan up to version 5.9.4, where processing a crafted certificate with an RSASSA-PSS signature can trigger a remote integer overflow. The issue can be exploited by an initiator sending an unrelated self-signed CA certificate, but remote code execution...
CVE-2021-41990
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur...