22 matches found
EUVD-2014-3640
Malware in sbrugna...
EUVD-2013-2883
Malware in sbrugna...
Intel QAT Engine for OpenSSL software information disclosure vulnerability
The Intel QAT Engine for OpenSSL software is an open source software plug-in designed to accelerate OpenSSL cryptographic operations with Intel Quick Assist Technology QAT hardware. An information disclosure vulnerability exists in Intel QAT Engine for OpenSSL software, which can be exploited by...
SUSE SLED12 / SLES12 Security Update : strongswan (SUSE-SU-2019:3266-1)
This update for strongswan provides the following fixes: Security issues fixed: CVE-2018-5388: Fixed a buffer underflow which may allow a remote attacker with local user credentials to cause resource exhaustion and denial of service while reading from the socket (bsc#1094462). CVE-2018-10811: Fixed a...
Security update for strongswan (important)
openSUSE Security Update: Security update for strongswan Announcement ID: openSUSE-SU-2019:2598-1 Rating: important References: 1093536 1094462 1107874 1109845 Cross-References: CVE-2018-10811 CVE-2018-16151 CVE-2018-16152 CVE-2018-17540 CVE-2018-5388 Affected Products: openSUSE Leap 15.1 An upda...
openSUSE: Security Advisory for strongswan (openSUSE-SU-2019:2594-1)
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
StrongSwan OpenSSL Plugin FIPS Mode Denial-of-Service (CVE-2018-10811)
A denial-of-service vulnerability exists in StrongSwan. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
strongswan -- Fix Denial-of-Service Vulnerability strongSwan (CVE-2018-10811, CVE-2018-5388)
strongSwan security team reports: A denial-of-service vulnerability in the IKEv2 key derivation was fixed if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF which is not FIPS-compliant. So this should only affect very specific setups, but in such configurations all...
CVE-2014-3694
The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and...
UBUNTU-CVE-2014-3694
The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and...
openSUSE Security Update : strongswan (openSUSE-SU-2013:0774-1)
Applied upstream patch for security vulnerability discovered by Kevin Wojtysiak in ECDSA signature verification of the strongswan openssl plugin (bnc#815236, CVE-2013-2944). 0003-Check-return-value-of-ECDSAVerify-correctly.patch (C) Tenable Network Security, Inc. The descriptive...
openSUSE Security Update : strongswan (openSUSE-SU-2013:0775-1)
Applied upstream patch for security vulnerability discovered by Kevin Wojtysiak in ECDSA signature verification of the strongswan openssl plugin (bnc#815236, CVE-2013-2944). 0003-Check-return-value-of-ECDSAVerify-correctly.patch (C) Tenable Network Security, Inc. The descriptive...
[BSA-086] Security update for strongswan
Updated strongswan packages for squeeze-backports and wheezy-backports fix the following vulnerabilities: - CVE-2013-2944: When using the openssl plugin for ECDSA based authentication, an empty, zeroed or otherwise invalid signature is handled as a legitimate one. - CVE-2013-6075: DoS vulnerabili...
CVE-2013-2944
strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature...
CVE-2013-2944
strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature...
CVE-2013-2944
CVE-2013-2944 affects strongSwan when using the openssl plugin for ECDSA verification, allowing remote authentication as another user via an invalid signature in versions 4.3.5–5.0.3. A patch was released (and patches applied in openSUSE updates) to fix the ECDSA signature verification issue; ups...
[SECURITY] [DSA 2665-1] strongswan security update
Debian Security Advisory DSA-2665-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez April 30, 2013 http://www.debian.org/security/faq ...
Debian Security Advisory DSA 2665-1 (strongswan - authentication bypass)
Kevin Wojtysiak discovered a vulnerability in strongSwan, an IPsec based VPN solution. When using the OpenSSL plugin for ECDSA based authentication, an empty, zeroed or otherwise invalid signature is handled as a legitimate one. An attacker could use a forged signature to authenticate like a...
strongSwan -- ECDSA signature verification issue
strongSwan security team reports: If the openssl plugin is used for ECDSA signature verification an empty, zeroed or otherwise invalid signature is handled as a legitimate one. Both IKEv1 and IKEv2 are affected. Affected are only installations that have enabled and loaded the OpenSSL crypto backe...
Debian DSA-2483-1 : strongswan - authentication bypass
An authentication bypass issue was discovered by the Codenomicon CROSS project in strongSwan, an IPsec-based VPN solution. When using RSA-based setups, a missing check in the gmp plugin could allow an attacker presenting a forged signature to successfully authenticate against a strongSwan...