[SECURITY] Fedora 24 Update: libreswan-3.18-1.fc24

Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...

Siemens SICAM RTU Devices Denial-of-Service Vulnerability

OVERVIEW Stephan Beirer, Markus Mahrla, Toralf Gimpel, and Sebastian Krause, from GAI NetConsult GmbH, and Adam Crain of Automatak LLC have identified a denial-of-service vulnerability in Siemens SICAM products. Siemens has produced a firmware update to mitigate this vulnerability. This...

CVE-2016-1379

Cisco Adaptive Security Appliance ASA Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service memory consumption via crafted 1 LAN-to-LAN or 2 Remote Access VPN tunnel packets, aka Bug ID CSCuv70576...

CVE-2016-1379

Cisco Adaptive Security Appliance ASA Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service memory consumption via crafted 1 LAN-to-LAN or 2 Remote Access VPN tunnel packets, aka Bug ID CSCuv70576...

Code injection

Cisco Adaptive Security Appliance ASA Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service memory consumption via crafted 1 LAN-to-LAN or 2 Remote Access VPN tunnel packets, aka Bug ID CSCuv70576...

CVE-2016-1379

CVE-2016-1379 affects Cisco ASA Software 9.0–9.5.1 where IPsec error handling mishandling in the IPsec code can be triggered by crafted LAN-to-LAN or Remote Access VPN tunnel packets, allowing an authenticated remote attacker to exhaust memory and cause DoS (traffic forwarding may stop). Cisco’s ...

CVE-2016-1379

Cisco Adaptive Security Appliance ASA Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service memory consumption via crafted 1 LAN-to-LAN or 2 Remote Access VPN tunnel packets, aka Bug ID CSCuv70576...

Cisco Adaptive Security Appliance VPN Memory Block Exhaustion Vulnerability (cisco-sa-20160517-asa-vpn)

A vulnerability in the IPsec code of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, remote attacker to cause the depletion of a memory block, which may cause the system to stop forwarding traffic and result in a denial of service DoS condition. Copyright C 2016...

Cisco Adaptive Security Appliance VPN Memory Block Exhaustion Vulnerability

A vulnerability in the IPsec code of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, remote attacker to cause the depletion of a memory block, which may cause the system to stop forwarding traffic and result in a denial of service DoS condition. The vulnerability is d...

Cisco IOS and IOS XE Software IKEv1 State Machine Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange IKEv1 state machine of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to tear down valid IPsec connections, resulting in a partial denial of service DoS condition. The vulnerability is due to insufficient condition...

SOL93600123 - OpenSSL vulnerability CVE-2016-2107

2 IPsec is vulnerable only in phase 1 IKE racoon, if configured to use AES-CBC. Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be no...

[SECURITY] Fedora 22 Update: libreswan-3.17-1.fc22

Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...

[SECURITY] Fedora 23 Update: libreswan-3.17-1.fc23

Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...

[SECURITY] Fedora 24 Update: libreswan-3.17-1.fc24

Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...

[SECURITY] Fedora 24 Update: NetworkManager-strongswan-1.3.1-3.20160330libnm.fc24

This package contains software for integrating the strongSwan IPSec VPN with NetworkManager...

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20160323)

It was found that the fix for CVE-2015-1805 incorrectly kept buffer offset and buffer length in sync on a failed atomic read, potentially resulting in a pipe buffer state corruption. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space...

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2016:0494 Updated kernel packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability...

RHEL 6 : kernel (RHSA-2016:0494)

Updated kernel packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Updated kernel packages that fix three security issues, multiple bugs, and one enhancement are now available for Red Hat Enterprise Linux 7.1 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...

F5 Networks BIG-IP : IPsec vulnerability (K05013313)

racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon crash via a series of crafted UDP requests. CVE-2015-4047 Impact When this vulnerability is exploited, the remote attacker may be able use crafted UDP requests to caus...