2808 matches found
MGASA-2018-0010 Updated ipsec-tools packages fix security vulnerability
It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain ISAKMP fragments. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service CVE-2016-10396...
Updated ipsec-tools packages fix security vulnerability
It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain ISAKMP fragments. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service CVE-2016-10396...
IPv6, it’s waiting for you
IPv6 is an expression IT professionals are likely to have seen or heard at one time, but what exactly is it? Let us give you a quick introduction, and then try to explain what it does differently by comparing it to its predecessor, IPv4. IPv4 and IPv6 are both Internet communications protocols...
USN-3482-1: ipsec-tools vulnerability
It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain ISAKMP fragments. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service...
Design/Logic Flaw
A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. The vulnerability is due to incorrect implementation of IPsec conditional, verbose debug...
CVE-2017-12289
A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. The vulnerability is due to incorrect implementation of IPsec conditional, verbose debug...
CVE-2017-12289
A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. The vulnerability is due to incorrect implementation of IPsec conditional, verbose debug...
CVE-2017-12289
CVE-2017-12289 affects Cisco IOS XE Software IPsec verbose/dependent logging. The issue lies in the conditional, verbose debug logging implementation, causing sensitive IPsec information to be written to the system log. An authenticated, local attacker with valid admin credentials could enable IP...
Cisco IOS XE Software Verbose Debug Logging Information Disclosure Vulnerability
A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. The vulnerability is due to incorrect implementation of IPsec conditional, verbose debug...
CVE-2011-4667
The encryption library in Cisco IOS Software 15.21T, 15.21T1, and 15.22T, Cisco NX-OS in Cisco MDS 9222i Multiservice Modular Switch, Cisco MDS 9000 18/4-Port Multiservice Module, and Cisco MDS 9000 Storage Services Node module before 5.26, and Cisco IOS in Cisco VPN Services Port Adaptor for...
CVE-2011-4667
Cisco reports a vulnerability in the encryption library used by Cisco IOS Software (15.2(1)T, 15.2(1)T1, 15.2(2)T), Cisco NX-OS on MDS 9222i, MDS 9000 modules, and Cisco IOS in VPN Services Port Adaptor for Catalyst 6500 (12.2(33)SXI/SXJ); affected sessions protected by IPsec could leak part of t...
JVN#76692689: SEIL Series routers vulnerable to denial-of-service (DoS)
The IPsec/IKE function in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service DoS vulnerability due to a flaw in processing certain packets. Impact Receiving a specially crafted packet may result in a temporary failure of the device's encrypted communication...
ike-scan - Discover and fingerprint IKE hosts (IPsec VPN Servers)
Discover and fingerprint IKE hosts IPsec VPN Servers. Building and Installing ike-scan uses the standard GNU autoconf and automake tools, so installation is the normal process: Run git clone https://github.com/royhills/ike-scan.git to obtain the project source code Run cd ike-scan to enter source...
USN-3397-1: strongSwan vulnerability
It was discovered that strongSwan incorrectly handled verifying specific RSA signatures. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service...
Algo VPN - Set up a personal IPSEC VPN in the cloud
Algo VPN is a set of Ansible scripts that simplify the setup of a personal IPSEC VPN. It uses the most secure defaults available, works with common cloud providers, and does not require client software on most devices. Features Supports only IKEv2 with strong crypto: AES-GCM, SHA2, and P-256...
NetScaler SD-WAN Troubleshooting Guide
Citrix SD-WAN, formerly NetScaler SD-WAN This articles helps you diagnose, troubleshoot, and resolve common issue encountered on NetScaler SD-WAN. Note : This is a master overview article. The detailed information for each topic is covered in its individual articles. CTX236987 - Information to Ke...
Debian DLA-1044-1 : ipsec-tools security update
The racoon daemon in IPsec-Tools 0.8.2 and earlier contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragmen...
[SECURITY] [DLA 1044-1] ipsec-tools security update
Package : ipsec-tools Version : 1:0.8.0-14+deb7u1 CVE ID : CVE-2016-10396 Debian Bug : 867986 The racoon daemon in IPsec-Tools 0.8.2 and earlier contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker ...
DLA-1044-1 ipsec-tools - security update
Bulletin has no description...
CVE-2016-10396
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...