2808 matches found
CVE-2020-1829
Huawei NIP6800 versions V500R001C30 and V500R001C60SPC500; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500 have a vulnerability that the IPSec module handles a message improperly. Attackers can send specific message to cause double free memor...
CVE-2020-1829
CVE-2020-1829 affects Huawei NIP6800 (V500R001C30, V500R001C60SPC500) and Secospace USG6600/USG9500 (V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500). The IPSec module may improperly process a message, leading to a double-free condition and potential disruption of service. The issue is ad...
CVE-2020-1828
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific messag...
CVE-2020-1828
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific messag...
Input validation
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific messag...
CVE-2020-1828
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific messag...
CVE-2020-1828
CVE-2020-1828 affects Huawei NIP6800 (V500R001C30, V500R001C60SPC500, V500R005C00) and Secospace USG6600/USG9500 (V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00). The root cause is an input validation vulnerability in the IPSec module that fails to validate a field in a spec...
FreeBSD : FreeBSD -- Missing IPsec anti-replay window check (5797c807-4279-11ea-b184-f8b156ac3ff9)
A missing check means that an attacker can reinject an old packet and it will be accepted and processed by the IPsec endpoint. Impact : The impact depends on the higher-level protocols in use over IPsec. For example, an attacker who can capture and inject packets could cause an action that was...
Inferring and hijacking VPN-tunneled TCP connections
We have discovered a vulnerability in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android which allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and...
Security Advisory - Denial of Service Vulnerability in Some Huawei Firewall Products
There is a Denial of Service DoS vulnerability in some firewall products. Due to improper processing of specific IPSEC packets, remote attackers can send constructed IPSEC packets to affected devices to exploit this vulnerability. Successful exploit could cause the IPSEC function of the affected...
Security Advisory - Small OOB Read Vulnerability in Huawei Product
There is an out-of-bound read vulnerability that a memory management error exists when IPSec Module handing a specific message. Attackers can send specific message to cause 1 byte out-of-bound read, compromising normal service. Vulnerability ID: HWPSIRT-2019-12417 This vulnerability has been...
Security Advisory - Double Free Memory Vulnerability in Huawei Products
There is a vulnerability that the IPSec module handles a message improperly. Attackers can send specific message to cause double free memory. This may compromise normal service. Vulnerability ID: HWPSIRT-2019-12420 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID...
FreeBSD -- Missing IPsec anti-replay window check
Problem Description: A missing check means that an attacker can reinject an old packet and it will be accepted and processed by the IPsec endpoint. Impact: The impact depends on the higher-level protocols in use over IPsec. For example, an attacker who can capture and inject packets could cause a...
About the security content of iOS 13.3.1 and iPadOS 13.3.1
About the security content of iOS 13.3.1 and iPadOS 13.3.1 This document describes the security content of iOS 13.3.1 and iPadOS 13.3.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...
FreeBSD-SA-20:02.ipsec
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:02.ipsec Security Advisory The FreeBSD Project Topic: Missing IPsec anti-replay window check Category: core Module: kernel Announced: 2020-01-28 Credits:...
Security Advisory - Denial of Service Vulnerability in Huawei Product
There is a DoS vulnerability that IPSec Module handles a specific message incorrectly, causing memory unreleased. Attackers can send specific message to cause Denial of Service in IPSec module. Vulnerability ID: HWPSIRT-2019-12418 This vulnerability has been assigned a Common Vulnerabilities and...
Security Advisory - Input Validation Vulnerability in Huawei Products
There is an out-of-bound read vulnerability that the IPSec module does not validate a field in a specific message. Attackers can send specific message to cause out-of-bound read, compromising normal service. Vulnerability ID: HWPSIRT-2019-12419 This vulnerability has been assigned a Common...
Design/Logic Flaw
Forcepoint NGFW Security Management Center SMC versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next...
CVE-2019-6147
Forcepoint NGFW Security Management Center SMC versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next...
CVE-2019-6147
The CVE-2019-6147 entry affects Forcepoint NGFW Security Management Center (SMC) versions older than 6.5.12 and 6.7.1. The issue is a rare data-corruption of the internal configuration database, which can lead the SMC to generate an incorrect IPsec configuration for Forcepoint NGFW. Consequences ...