Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2014/05/05 12:0 a.m.34 views

FreeBSD : strongswan -- Remote Authentication Bypass (6fb521b0-d388-11e3-a790-000c2980a9f3)

strongSwan developers report : Remote attackers are able to bypass authentication by rekeying an IKESA during 1 initiation or 2 re-authentication, which triggers the IKESA state to be set to established. Only installations that actively initiate or re-authenticate IKEv2 IKESAs are affected...

6.4CVSS8.1AI score0.02381EPSS
Exploits1References3
OSV
OSV
added 2014/04/16 6:37 p.m.2 views

DEBIAN-CVE-2014-2338

IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKESA during 1 initiation or 2 re-authentication, which triggers the IKESA state to be set to established...

6.4CVSS7.2AI score0.02381EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2014/04/16 6:0 p.m.23 views

CVE-2014-2338

IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKESA during 1 initiation or 2 re-authentication, which triggers the IKESA state to be set to established...

6.4CVSS6.6AI score0.02381EPSS
Exploits1
OpenVAS
OpenVAS
added 2014/04/14 12:0 a.m.33 views

Debian Security Advisory DSA 2903-1 (strongswan - security update)

An authentication bypass vulnerability was found in charon, the daemon handling IKEv2 in strongSwan, an IKE/IPsec suite. The state machine handling the security association IKESA handled some state transitions incorrectly. An attacker can trigger the vulnerability by rekeying an unestablished IKE...

6.4CVSS0.02381EPSS
Exploits1References1
Rows per page
Query Builder