2812 matches found
Cisco Adaptive Security Appliance Encrypted IPSec or IKEv2 Packet Modification Vulnerability
A vulnerability in the AES-GCM code of Cisco Adaptive Security Appliance ASA could allow an unauthenticated, remote attacker to modify the contents of an encrypted IPSec or IKEv2 packet, and for those modifications not to be detected. The vulnerability is due to an error on the firmware of the...
Debian DLA-244-1 : strongswan security update
Alexander E. Patrakov discovered an issue in strongSwan, an IKE/IPsec suite used to establish IPsec protected links. When a client authenticate the server with certificates and the client authenticates using pre-shared key or EAP, the constraints on the server certificate are only enforced by the...
[SECURITY] Fedora 20 Update: libreswan-3.13-1.fc20
Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...
CVE-2015-0771
The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices allows remote authenticated users to cause a denial of service device reload by sending a crafted message during IPsec tunnel setup, aka Bug ID CSCur70505...
Code injection
The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices allows remote authenticated users to cause a denial of service device reload by sending a crafted message during IPsec tunnel setup, aka Bug ID CSCur70505...
CVE-2015-0771
The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices allows remote authenticated users to cause a denial of service device reload by sending a crafted message during IPsec tunnel setup, aka Bug ID CSCur70505...
DLA-244-1 strongswan - security update
Bulletin has no description...
[SECURITY] Fedora 22 Update: libreswan-3.13-1.fc22
Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...
[SECURITY] Fedora 21 Update: libreswan-3.13-1.fc21
Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...
Kernel: crypto: buffer overruns in RFC4106 implementation using AESNI
A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use this flaw to crash, or potentially escalate their privileges on, a system over a...
Fedora 20 : ipsec-tools-0.8.2-1.fc20 (2015-8968)
Upgraded to 0.8.2, fix for CVE-2015-4047, support for Calling-Station-Id Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Debian DSA-3282-1 : strongswan - security update
Alexander E. Patrakov discovered an issue in strongSwan, an IKE/IPsec suite used to establish IPsec protected links. When an IKEv2 client authenticates the server with certificates and the client authenticates itself to the server using pre-shared key or EAP, the constraints on the server...
Fedora 21 : ipsec-tools-0.8.2-1.fc21 (2015-8948)
Upgraded to 0.8.2, fix for CVE-2015-4047, support for Calling-Station-Id Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Ubuntu: Security Advisory (USN-2623-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for ipsec-tools FEDORA-2015-8948
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for ipsec-tools FEDORA-2015-8968
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated ipsec-tools packages fix CVE-2015-4047
Updated ipsec-tools packages fix security vulnerability: Javantea discovered a NULL pointer dereference flaw in racoon, the Internet Key Exchange daemon of ipsec-tools. A remote attacker can use this flaw to cause the IKE daemon to crash via specially crafted UDP packets, resulting in a denial of...
MGASA-2015-0243 Updated ipsec-tools packages fix CVE-2015-4047
Updated ipsec-tools packages fix security vulnerability: Javantea discovered a NULL pointer dereference flaw in racoon, the Internet Key Exchange daemon of ipsec-tools. A remote attacker can use this flaw to cause the IKE daemon to crash via specially crafted UDP packets, resulting in a denial of...
Cisco Catalyst 6500 Series Switches IPsec Tunnel Handling Denial of Service Vulnerability
A vulnerability in the Internet Key Exchange IKE subsystem of the Cisco WS-IPSEC-3 service module could allow an authenticated, remote attacker to cause a reload of the Catalyst switch. The vulnerability is due to insufficient bounds checks on a specific message during the establishment of an IPs...
USN-2628-1: strongSwan vulnerability
Alexander E. Patrakov discovered that strongSwan incorrectly handled certain IKEv2 setups. A malicious server could possibly use this issue to obtain user credentials...