[SECURITY] Fedora 42 Update: openiked-7.4-2.fc42

OpenIKED is a free, permissively licensed Internet Key Exchange IKEv2 implementation, developed as part of the OpenBSD project. It is intended to be a lean, secure and inter-operable daemon that allows for easy setup and management of IPsec VPNs...

New VPN Hunter Service Scans Domains For Remote-Access Systems

If there’s one thing attackers love, it’s readily accessible remote-connection services running on a target company’s network. Once an attacker knows that an organization is running a specific kind of VPN or has RDP enabled on a bunch of machines, he can then start looking for known vulnerabiliti...

Nortel VPN Client Issue: Clear-text password stored in memory

Nortel VPN Client Issue: Clear-text password stored in memory Summary: NTA Monitor have discovered a password disclosure issue in the Nortel Windows VPN client: The Nortel client stores the password in an obfuscated form in the Windows registry, but it also stores the unencrypted password in...

Multiple vendors' Internet Key Exchange (IKE) implementations do not properly handle IKE response packets

Overview Internet Key Exchange IKE implementations from several vendors contain buffer overflows and denial-of-service conditions. The buffer overflow vulnerabilities could permit an attacker to execute arbitrary code on a vulnerable system. Description The CERT/CC has received a report describin...