Vulnerabilities in the operating system openSUSE, which allow a malicious individual to compromise the accessibility of protected information

The multiple vulnerabilities in the ipsec-tools package of the OpenSUSE operating system can lead to a violation of the accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...

Vulnerabilities in the SUSE Linux Enterprise operating system that allow attackers to compromise the accessibility of protected information

The multiple vulnerabilities in the ipsec-tools package of the SUSE Linux Enterprise operating system can lead to a violation of the accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the ipsec-tools package for the Debian GNU/Linux operating system may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

Linux kernel AESNI buffer overflow vulnerability

Linux kernel is an open source operating system. A buffer overflow vulnerability exists in the 'driverrfc4106decrypt' function in the Linux kernel /arch/x86/crypto/aesni-intelglue.c file, which allows a local attacker to exploit the vulnerability by sending specially crafted IPSec packets to cras...

DSA-3237-1 linux - security update

Bulletin has no description...

Cisco ASA Software Multiple Vulnerabilities (cisco-sa-20150408-asa)

The remote Cisco Adaptive Security Appliance ASA is missing a vendor-supplied security patch and is therefore affected by the following vulnerabilities : - A flaw exists in the failover ipsec feature due to not properly handling failover communication messages. An unauthenticated attacker, sendin...

Information disclosure

The failover ipsec implementation in Cisco Adaptive Security Appliance ASA Software 9.1 before 9.16, 9.2 before 9.23.3, and 9.3 before 9.33 does not properly validate failover communication messages, which allows remote attackers to reconfigure an ASA device, and consequently obtain administrativ...

CVE-2015-0675

The failover ipsec implementation in Cisco Adaptive Security Appliance ASA Software 9.1 before 9.16, 9.2 before 9.23.3, and 9.3 before 9.33 does not properly validate failover communication messages, which allows remote attackers to reconfigure an ASA device, and consequently obtain administrativ...

CVE-2015-0675

The failover ipsec implementation in Cisco Adaptive Security Appliance ASA Software 9.1 before 9.16, 9.2 before 9.23.3, and 9.3 before 9.33 does not properly validate failover communication messages, which allows remote attackers to reconfigure an ASA device, and consequently obtain administrativ...

CVE-2015-0675

The CVE-2015-0675 issue affects Cisco ASA Software (failover IPsec feature) where failover communication messages are not properly validated. This allows a remote attacker to reconfigure an ASA device and potentially gain administrative control by sending crafted UDP packets over the local networ...

[SECURITY] Fedora 21 Update: strongswan-5.2.2-2.fc21

The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel...

[SECURITY] Fedora 20 Update: strongswan-5.2.2-1.fc20

The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel...

IT-Grundschutz M5.090: Einsatz von IPSec unter Windows

IT-Grundschutz M5.090: Einsatz von IPSec unter Windows. Stand: 14. Ergänzungslieferung 14. EL. OpenVAS Vulnerability Test $Id: GSHBM5090.nasl 7883 2017-11-23 11:22:59Z emoss $ IT-Grundschutz, 14. EL, Maßnahme 5.090 Authors: Thomas Rotter Copyright: Copyright c 2015 Greenbone Networks GmbH,...

IT-Grundschutz M5.090: Einsatz von IPSec unter Windows

IT-Grundschutz M5.090: Einsatz von IPSec unter Windows. Stand: 14. Ergänzungslieferung 14. EL. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-lat...

SUSE-SU-2015:0281-1 Security update for strongswan

This strongswan update fixes the following security and non security issues. - Disallow brainpool elliptic curve groups in fips mode bnc856322. - Applied an upstream fix for a denial-of-service vulnerability, which can be triggered by an IKEv2 Key Exchange payload, that contains the Diffie-Hellma...

Juniper Junos Fragmented OSPFv3 Packet DoS (JSA10668)

According to its self-reported version number, the remote Juniper Junos device is affected by a denial of service vulnerability when processing fragmented OSPFv3 packets with an IPsec Authentication Header AH. A remote attacker on an adjacent network can exploit this issue to crash the kernel,...

Juniper Networks Junos OS OSPFv3 Denial of Service Vulnerability

Junos OS with OSPFv3 IPSec authentication enabled is vulnerable to a Denial of Service attack. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2014-6385

Juniper Junos 11.4 before 11.4R13, 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, 12.2 before 12.2R9, 12.3R7 before 12.3R7-S1, 12.3 before 12.3R8, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R2, and 14.2 before 14.2R1 allows...

Authentication flaw

Juniper Junos 11.4 before 11.4R13, 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, 12.2 before 12.2R9, 12.3R7 before 12.3R7-S1, 12.3 before 12.3R8, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R2, and 14.2 before 14.2R1 allows...

CVE-2014-6385

Juniper Junos 11.4 before 11.4R13, 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, 12.2 before 12.2R9, 12.3R7 before 12.3R7-S1, 12.3 before 12.3R8, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R2, and 14.2 before 14.2R1 allows...