EUVD-2023-42486

Malicious code in bioql PyPI...

libreswan: Malicious IKEv1 Aggressive Mode packets can crash libreswan

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

DEBIAN-CVE-2023-38710

An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALIDSPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets...

AZL-34935 CVE-2023-38710 affecting package libreswan for versions less than 4.7-6

An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALIDSPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets...

AZL-34937 CVE-2023-38712 affecting package libreswan for versions less than 4.7-6

An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state...

Null pointer dereference

An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state...

Libreswan 代码问题漏洞

Libreswan is an IPsec implementation similar to Openswan, which is primarily used to ensure security and integrity issues in data transmission. A security vulnerability exists in Libreswan version 3.x, version 4.x up to and including version 4.12, which originates when an IKEv1 ISAKMP SA message...

UBUNTU-CVE-2023-2295

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

CVE-2023-2295

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

SUSE CVE-2013-2052

Buffer overflow in the atodn function in libreswan 3.0 and 3.1, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service pluto IKE daemon crash and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be t...

Libreswan 代码问题漏洞

Libreswan is an IPsec implementation similar to Openswan, which is mainly used to ensure security, integrity issues in data transmission. libreswan has a code issue vulnerability that can be exploited by an attacker to send specially crafted IKEv1 packets to an application, triggering a logging...