2808 matches found
xfrm Out-Of-Bounds Read Vulnerability
When dealing with XFRMMSGMIGRATE message, xfrmmigrate func does not check dir value of xfrmuserpolicyid. This will cause out of bound access to net-xfrm.policybydst in policyhashdirect func and others when dir value exceeds XFRMPOLICYMAX. Linux kernel versions 4.12 and below are affected. Issue...
Design/Logic Flaw
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
CVE-2016-10396
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
CVE-2016-10396
CVE-2016-10396 affects IPsec-Tools 0.8.2’s racoon daemon. A remote attacker can exhaust the remote endpoint’s resources by repeatedly sending ISAKMP fragment packets in a specific order, triggering a worst-case computational complexity in fragment reassembly (DoS). The NVD CVSSv3 base score is 7....
CVE-2016-10396
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
CVE-2016-10396
Removed by vendor...
CVE-2016-10396
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
UBUNTU-CVE-2016-10396
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
CVE-2017-3865
A vulnerability in the IPsec component of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service DoS condition. Affected Products: ASR 5000...
Design/Logic Flaw
A vulnerability in the IPsec component of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service DoS condition. Affected Products: ASR 5000...
CVE-2017-3865
Cisco StarOS for ASR 5000 Series Routers/IPsec VPN DoS (CVE-2017-3865) arises from improper processing of IKE messages, triggering ipsecmgr reload and terminating all active IPsec tunnels, preventing new ones. Affected: ASR 5000 Series Routers, VPC Software. Root cause: IPsec component mishandlin...
CVE-2017-3865
A vulnerability in the IPsec component of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service DoS condition. Affected Products: ASR 5000...
Portable Virtual Private Network: goSecure
Portable Virtual Private Network goSecure is an easy to use and portable Virtual Private Network VPN solution. The system consists of a single server and one or many clients. strongSwan is used to establish a Suite B IPsec tunnel with pre-shared keys between the server and clients. The core crypt...
Cisco StarOS IPsec Denial of Service Vulnerability
The Cisco ASR 5000 Series is a carrier-grade platform for deploying high-demand 3G networks and migrating to long-term evolution. and StarOS is the suite of Linux operating systems used in them. Cisco StarOS for Cisco ASR 5000 Series Routers has a security vulnerability in the IPsec component...
Cisco StarOS for ASR 5000 Series Routers IPsec VPN Tunnel Denial of Service Vulnerability
A vulnerability in the IPsec component of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service DoS condition. The vulnerability is due to...
Debian: Security Advisory (DSA-3866-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
A vulnerability in MikroTik Version 6.38.5 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of UDP packets on port 500 used for L2TP over IPsec, preventing the affected router from accepting new connections; all devices will be disconnected from the router a...
CVE-2017-8338
A vulnerability in MikroTik Version 6.38.5 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of UDP packets on port 500 used for L2TP over IPsec, preventing the affected router from accepting new connections; all devices will be disconnected from the router a...
PWN2OWN 2017 the Linux kernel to mention the right vulnerability analysis-vulnerability warning-the black bar safety net
! 0. Foreword In 2017, the PWN2OWN contest, the long Pavilion security research lab Chaitin Security Research Lab successfully demonstrates Ubuntu 16.10 Desktop of the local extraction rights. This attack mainly use the linux kernel IPSEC frameworkfrom linux2. 6 Start supportin a memory bounds...
EulerOS 2.0 SP1 : python (EulerOS-SA-2016-1090)
According to the version of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximate...