529 matches found

Tenable Nessus
added 2023/11/14 12:0 a.m., 21 views

CentOS 8 : libreswan (CESA-2023:7052)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:7052 advisory. - An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an erro...

6.5 CVSS, 6.7 AI score, 0.00107 EPSS
Exploits 0, References 4

Tenable Nessus
added 2023/11/07 12:0 a.m., 21 views

RHEL 9 : libreswan (RHSA-2023:6549)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6549 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide...

6.5 CVSS, 6.6 AI score, 0.00107 EPSS
Exploits 0, References 10

Tenable Nessus
added 2023/11/06 12:0 a.m., 21 views

Rocky Linux 8 : libreswan (RLSA-2022:0199)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:0199 advisory. - Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because...

7.5 CVSS, 7.2 AI score, 0.01479 EPSS
Exploits 1, References 3

Tenable Nessus
added 2023/11/02 12:0 a.m., 24 views

F5 Networks BIG-IP : IPsec IKEv1 vulnerability (K42378447)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K42378447 advisory. - The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair...

5.9 CVSS, 6.4 AI score, 0.01072 EPSS
Exploits 1, References 2

Redos
added 2023/09/18 12:0 a.m., 16 views

ROS-20230913-03

A vulnerability in libreswan software is related to a null pointer dereferencing error in the IKEv1 fast mode packets. Exploitation of the vulnerability could allow a remote attacker to send specially crafted packets to the system and perform a denial-of-service attack. denial-of-service attack...

6.5 CVSS, 7.2 AI score, 0.00107 EPSS
Exploits 0

Tenable Nessus
added 2023/09/07 12:0 a.m., 22 views

Oracle Linux 8 : libreswan (ELSA-2019-3391)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2019-3391 advisory. 3.29-6.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 3.29-6 - Resolves: rhbz1714331 support NSS based IKE KDFs require updated nss for rhbz...

3.5 CVSS, 5.8 AI score, 0.00155 EPSS
Exploits 0, References 2

NVD
added 2023/08/25 9:15 p.m., 12 views

CVE-2023-38711

An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6...

6.5 CVSS, 6.4 AI score, 0.00107 EPSS
Exploits 0, References 2

NVD
added 2023/08/25 9:15 p.m., 11 views

CVE-2023-38712

An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state...

6.5 CVSS, 6.2 AI score, 0.00078 EPSS
Exploits 0, References 2

OSV
added 2023/08/25 9:15 p.m., 15 views

CVE-2023-38712

An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state...

6.5 CVSS, 7 AI score, 0.00078 EPSS
Exploits 0, References 2

OSV
added 2023/08/25 9:15 p.m., 1 views

DEBIAN-CVE-2023-38712

An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state...

6.5 CVSS, 6.3 AI score, 0.00078 EPSS
Exploits 0, References 1

ATTACKERKB
added 2023/08/25 9:15 p.m., 0 views

CVE-2023-38711

An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6...

6.5 CVSS, 5.8 AI score, 0.00107 EPSS
Exploits 0, References 3

OSV
added 2023/08/25 9:15 p.m., 17 views

CVE-2023-38711

An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6...

6.5 CVSS, 7.1 AI score, 0.00107 EPSS
Exploits 0, References 2

UbuntuCve
added 2023/08/25 9:15 p.m., 16 views

CVE-2023-38711

An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6...

6.5 CVSS, 6.6 AI score, 0.00107 EPSS
Exploits 0, References 3

CVE
added 2023/08/25 12:0 a.m., 95 views

CVE-2023-38711

CVE-2023-38711 affects Libreswan before 4.12. An IKEv1 Quick Mode connection using ID_IPV4_ADDR/ID_IPV6_ADDR and receiving an IDcr with ID_FQDN triggers a NULL pointer dereference, causing the pluto daemon to crash and restart. Earliest affected version is 4.6. Remediation seen in connected advis...

6.5 CVSS, 6.4 AI score, 0.00107 EPSS
Exploits 0, References 2, Affected Software 1

CVE
added 2023/08/25 12:0 a.m., 101 views

CVE-2023-38712

CVE-2023-38712 (Libreswan) affects Libreswan 3.x and 4.x before 4.12. The issue occurs when an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, leading to a NULL point...

6.5 CVSS, 6.3 AI score, 0.00078 EPSS
Exploits 0, References 2, Affected Software 1

Cvelist
added 2023/08/25 12:0 a.m., 20 views

CVE-2023-38712

An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state...

6.7 AI score, 0.00078 EPSS
Exploits 0, References 2

CNNVD
added 2023/08/25 12:0 a.m., 1 views

Libreswan Code Issue Vulnerability

Libreswan is an IPsec implementation similar to Openswan, which is primarily used to ensure security and integrity issues in data transmission. A security vulnerability exists in Libreswan version 3.x, version 4.x up to and including version 4.12, which originates when an IKEv1 ISAKMP SA message...

6.5 CVSS, 6.3 AI score, 0.00078 EPSS
Exploits 0, References 3

Debian CVE
added 2023/08/25 12:0 a.m., 29 views

CVE-2023-38712

An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state...

6.5 CVSS, 6.4 AI score, 0.00078 EPSS
Exploits 0

Vulnrichment
added 2023/08/25 12:0 a.m., 11 views

CVE-2023-38711

An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6...

6.8 AI score, 0.00107 EPSS
Exploits 0, References 2

Veracode
added 2023/08/21 5:59 a.m., 15 views

Denial Of Service (DoS)

libreswan is vulnerable to Denial of Service (DoS) attacks. This vulnerability exists in the pluto/ikev1.c file when processing IKEv1 Quick Mode requests. An attacker can exploit this vulnerability by sending a specially crafted IKEv1 Quick Mode packet to the libreswan server, which could cause the...

6.5 CVSS, 6.6 AI score, 0.00107 EPSS
Exploits 0, References 3, Affected Software 1