[ike-scan] Discover & Fingerprint IKE Hosts (IPsec VPN Servers)

ike-scan discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern. ike-scan can perform the following functions: Discovery Determine which hosts in a given IP range are running IKE. This is done by displaying those hosts which respond to the IKE requests sent by...

CVE-2013-6694

The IPSec implementation in Cisco IOS allows remote attackers to cause a denial of service MTU change and tunnel-session drop via crafted ICMP packets, aka Bug ID CSCul29918...

Information disclosure

The IPSec implementation in Cisco IOS allows remote attackers to cause a denial of service MTU change and tunnel-session drop via crafted ICMP packets, aka Bug ID CSCul29918...

Cisco IOS Software ICMP Processing Denial of Service Vulnerability

A vulnerability in IPSec tunnel implementation of Cisco IOS Software could allow an unauthenticated, remote attacker to change the tunnel MTU or path MTU and potentially cause IPSec tunnels to drop. The vulnerability is due to incorrect processing of certain ICMP packets. An attacker could exploi...

CVE-2013-6694

The vulnerability CVE-2013-6694 affects the IPSec tunnel implementation in Cisco IOS Software. It allows an unauthenticated, remote attacker to change the tunnel MTU or path MTU and potentially cause IPSec tunnels to drop by sending crafted ICMP packets. Root cause: incorrect processing of certai...

CVE-2013-6694

The IPSec implementation in Cisco IOS allows remote attackers to cause a denial of service MTU change and tunnel-session drop via crafted ICMP packets, aka Bug ID CSCul29918...

Kernel: net: information leak in AF_KEY notify

The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...

IT-Grundschutz M5.090: Einsatz von IPSec unter Windows

IT-Grundschutz M5.090: Einsatz von IPSec unter Windows. ACHTUNG: Dieser Test wird nicht mehr unterstützt. Er wurde ersetzt durch den entsprechenden Test der nun permanent and die aktuelle EL angepasst wird: OID 1.3.6.1.4.1.25623.1.0.95069 Stand: 13. Ergänzungslieferung 13. EL. OpenVAS Vulnerabili...

IT-Grundschutz M5.090: Einsatz von IPSec unter Windows

IT-Grundschutz M5.090: Einsatz von IPSec unter Windows. ACHTUNG: Dieser Test wird nicht mehr unterstützt. Er wurde ersetzt durch den entsprechenden Test der nun permanent and die aktuelle EL angepasst wird: OID 1.3.6.1.4.1.25623.1.0.95069 Stand: 13. Ergänzungslieferung 13. EL...

Debian DSA-2789-1 : strongswan - Denial of service and authorization bypass

A vulnerability has been found in the ASN.1 parser of strongSwan, an IKE daemon used to establish IPsec protected links. By sending a crafted IDDERASN1DN ID payload to a vulnerable pluto or charon daemon, a malicious remote user can provoke a denial of service daemon crash or an authorization...

CVE-2013-5548

The IKEv2 implementation in Cisco IOS, when AES-GCM or AES-GMAC is used, allows remote attackers to bypass certain IPsec anti-replay features via IPsec tunnel traffic, aka Bug ID CSCuj47795...

Authentication flaw

The IKEv2 implementation in Cisco IOS, when AES-GCM or AES-GMAC is used, allows remote attackers to bypass certain IPsec anti-replay features via IPsec tunnel traffic, aka Bug ID CSCuj47795...

CVE-2013-5548

The CVE-2013-5548 issue affects Cisco IOS IKEv2 when using AES-GCM or AES-GMAC for Phase 2 SAs. The vulnerability is due to improper logic that enables or disables IPsec anti-replay protection, allowing remote attackers to bypass anti-replay protections on IPsec tunnel traffic. Affected component...

CVE-2013-5548

The IKEv2 implementation in Cisco IOS, when AES-GCM or AES-GMAC is used, allows remote attackers to bypass certain IPsec anti-replay features via IPsec tunnel traffic, aka Bug ID CSCuj47795...

Debian Security Advisory DSA 2789-1 (strongswan - Denial of service and authorization bypass)

A vulnerability has been found in the ASN.1 parser of strongSwan, an IKE daemon used to establish IPsec protected links. By sending a crafted IDDERASN1DN ID payload to a vulnerable pluto or charon daemon, a malicious remote user can provoke a denial of service daemon crash or an authorization...

Debian: Security Advisory (DSA-2789-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cisco IOS Software Internet Key Exchange Version 2 Anti-replay Protection Disabled Vulnerability

A vulnerability in the implementation of the Cisco IOS Software Internet Key Exchange version 2 IKEv2 protocol may cause the anti-replay capabilities of IPsec to be disabled. This issue occurs only when using the Advanced Encryption Standard Galois/Counter Mode AES-GCM or the AES Galois Message...

Ubuntu Update for linux-ti-omap4 USN-1993-1

Check for the Version of linux-ti-omap4 OpenVAS Vulnerability Test $Id: gbubuntuUSN19931.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for linux-ti-omap4 USN-1993-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is...

Ubuntu: Security Advisory (USN-1993-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-1992-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...