2809 matches found
F5 Networks BIG-IP : IPsec vulnerability (K05013313)
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon crash via a series of crafted UDP requests. CVE-2015-4047 Impact When this vulnerability is exploited, the remote attacker may be able use crafted UDP requests to caus...
SOL05013313 - IPSec vulnerability CVE-2015-4047
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
Cisco IOS XE Software IKEv1 State Machine DoS (CSCuw08236)
According to its self-reported version, the Cisco IOS XE software running on the remote device is affected by a denial of service vulnerability in the Internet Key Exchange version 1 IKEv1 subsystem due to insufficient condition checks in the IKEv1 state machine. An unauthenticated, remote attack...
Cisco IOS Software IKEv1 State Machine DoS (CSCuw08236)
According to its self-reported version, the Cisco IOS software running on the remote device is affected by a denial of service vulnerability in the Internet Key Exchange version 1 IKEv1 subsystem due to insufficient condition checks in the IKEv1 state machine. An unauthenticated, remote attacker...
CVE-2015-6429
The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service IPsec connection termination via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236...
Design/Logic Flaw
The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service IPsec connection termination via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236...
Cisco IOS and IOS XE Software IKEv1 State Machine Denial of Service Vulnerability
A vulnerability in the Internet Key Exchange IKEv1 state machine of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to tear down valid IPsec connections, resulting in a partial denial of service DoS condition. The vulnerability is due to insufficient condition...
Debian DLA-345-1 : strongswan security update
Tobias Brunner found an authentication bypass vulnerability in strongSwan, an IKE/IPsec suite. Due to insufficient validation of its local state the server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin can be tricked into successfully concluding the authentication without...
Debian DSA-3398-1 : strongswan - security update
Tobias Brunner found an authentication bypass vulnerability in strongSwan, an IKE/IPsec suite. Due to insufficient validation of its local state the server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin can be tricked into successfully concluding the authentication without...
USN-2811-1: strongSwan vulnerability
It was discovered that the strongSwan eap-mschapv2 plugin incorrectly handled state. A remote attacker could use this issue to bypass authentication...
Debian Security Advisory DSA 3398-1 (strongswan - security update)
Tobias Brunner found an authentication bypass vulnerability in strongSwan, an IKE/IPsec suite. Due to insufficient validation of its local state the server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin can be tricked into successfully concluding the authentication without...
CVE-2015-6111
IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles encryption negotiation, which allows remote authenticated users to cause a denial of service system hang via crafted IP traffic, aka "Windows IPSec Denial o...
Denial of service
IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles encryption negotiation, which allows remote authenticated users to cause a denial of service system hang via crafted IP traffic, aka "Windows IPSec Denial o...
CVE-2015-6111
CVE-2015-6111 describes a Denial of Service affecting Windows IPSec: IPSec in Windows 8/8.1, Windows Server 2012 (Gold/R2), Windows RT (Gold/8.1), and Windows 10 (Gold/1511) mishandles encryption negotiation, allowing an authenticated remote attacker to cause the system to hang via crafted IP tra...
CVE-2015-6111
IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles encryption negotiation, which allows remote authenticated users to cause a denial of service system hang via crafted IP traffic, aka "Windows IPSec Denial o...
Microsoft Windows IPSec Denial of Service Vulnerability (3102939)
This host is missing an important security update according to Microsoft Bulletin MS15-120. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Windows IPSec CVE-2015-6111 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the system to become non-responsive, resulting in a denial-of-service condition. Technologies Affected Microsoft Windows 8 for 32-bit Systems Microsoft Windows 8 for...
MS15-120: Security Update for IPSec to Address Denial of Service (3102939)
The remote Windows host is affected by a denial of service vulnerability in the Internet Protocol Security IPSec service due to improper handling of encryption negotiation. An authenticated, remote attacker can exploit this, via a malicious application, to cause the host to become unresponsive. C...
RedHat Update for libreswan RHSA-2015:1979-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for libreswan CESA-2015:1979 centos7
Check the version of libreswan SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882312";...