11 matches found
SUSE: Security Advisory (SUSE-SU-2017:1473-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-5389
The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline...
EulerOS 2.0 SP1 : libreswan (EulerOS-SA-2016-1078)
According to the version of the libreswan package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A traffic amplification flaw was found in the Internet Key Exchange version 1 IKEv1 protocol. A remote attacker could use a libreswan server with...
Scientific Linux Security Update : libreswan on SL7.x x86_64 (20161103)
Security Fixes : - A traffic amplification flaw was found in the Internet Key Exchange version 1 IKEv1 protocol. A remote attacker could use a libreswan server with IKEv1 enabled in a network traffic amplification denial of service attack against other hosts on the network by sending UDP packets...
RHEL 7 : libreswan (RHSA-2016:2603)
An update for libreswan is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2016-5361
programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a denial of service traffic amplification via a spoofed UDP packet. NOTE: the original behavior complies with the IKEv1 protocol, but has a required security update from...
CVE-2016-5361
programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a denial of service traffic amplification via a spoofed UDP packet. NOTE: the original behavior complies with the IKEv1 protocol, but has a required security update from...
CVE-2011-3266
The prototreeadditem function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service infinite loop via vectors involving a malformed IKE packet and many items in a tree...
CVE-2011-3266
The prototreeadditem function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service infinite loop via vectors involving a malformed IKE packet and many items in a tree...
CVE-2011-3266
The prototreeadditem function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service infinite loop via vectors involving a malformed IKE packet and many items in a tree...
CVE-2011-3266
The prototreeadditem function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service infinite loop via vectors involving a malformed IKE packet and many items in a tree...