36 matches found
SuSE 10 Security Update : strongswan (ZYPP Patch Number 6116)
By sending a specially crafted Dead Peer Detection DPD packet remote attackers could crash the pluto IKE daemon. CVE-2009-0790 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
openSUSE Security Update : strongswan (strongswan-1281)
The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...
openSUSE Security Update : openswan (openswan-1285)
The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...
openSUSE Security Update : strongswan (strongswan-1281)
The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...
openSUSE Security Update : openswan (openswan-1285)
The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...
Gentoo Security Advisory GLSA 200909-05 (openswan)
The remote host is missing updates announced in advisory GLSA 200909-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200909-05 (openswan)
The remote host is missing updates announced in advisory GLSA 200909-05. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
strongSwan Denial Of Service Vulnerability - Aug09
This host has strongSwan and is prone to Denial of Service Vulnerability. OpenVAS Vulnerability Test $Id: gbstrongswandosvulnaug09.nasl 4869 2016-12-29 11:01:45Z teissa $ strongSwan Denial Of Service Vulnerability - Aug09 Authors: Antu Sanadi Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Design/Logic Flaw
The asn1length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names RDNs, which allows remote attackers to cause a denial of service pluto IKE daemon crash via malformed ASN.1 data...
CVE-2009-2661
The CVE-2009-2661 issue affects the OpenSwan/strongSwan pluto daemon (X.509 handling of RDNs). A crafted ASN.1 data input could crash pluto, causing a denial of service. The root cause is tied to an ASN.1 parsing length/structure handling for RDNs, with references indicating an incomplete prior f...
openSUSE Security Update : openswan (openswan-687)
By sending a specially crafted Dead Peer Detection DPD packet remote attackers could crash the pluto IKE daemon CVE-2009-0790. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openswan-687. The...
openSUSE Security Update : strongswan (strongswan-676)
By sending a specially crafted Dead Peer Detection DPD packet remote attackers could crash the pluto IKE daemon CVE-2009-0790. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update strongswan-676. T...
StrongSwan/Openswan Denial Of Service Vulnerability June-09
The host is installed with strongSwan/Openswan and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodstrongswannopenswandosvulnjun09.nasl 6515 2017-07-04 11:54:15Z cfischer $ StrongSwan/Openswan Denial Of Service Vulnerability June-09 Authors: Sharath S Copyright:...
CVE-2009-2185
The ASN.1 parser pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1parser.c in a strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and b openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service pluto IKE daemon crash...
CVE-2009-0790
OpenSwan/StrongSwan pluto IKE daemon vulnerable to denial of service via crafted DPD packets (R_U_THERE, R_U_THERE_ACK) that trigger a NULL pointer dereference due to inconsistent ISAKMP/phase2 state. Affected: Openswan/Strongswan IPsec implementations listed in CVE-2009-0790 with vulnerable rang...
DSA-1760-1 openswan - denial of service
Bulletin has no description...