Updated libreswan packages fix security vulnerability

A change in the libreswan 4.2 Traffic Selector parsing code introduced a missing check that would reject palformed Traffic Selector payloads. As such, in such case the code stumbles on to hit a double free, leading to a crash and restart of the pluto daemon. No remote code execution. CVE-2023-230...

SUSE CVE-2011-3380

Openswan 2.6.29 through 2.6.35 allows remote attackers to cause a denial of service NULL pointer dereference and pluto IKE daemon crash via an ISAKMP message with an invalid KEYLENGTH attribute, which is not properly handled by the error handling function...

SUSE CVE-2011-4073

Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 through 2.6.36 allows remote authenticated users to cause a denial of service pluto IKE daemon crash via vectors related to the 1 quickoutI1continue and 2 quickoutI1 functions...

SUSE CVE-2013-2052

Buffer overflow in the atodn function in libreswan 3.0 and 3.1, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service pluto IKE daemon crash and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be t...

SUSE CVE-2015-3240

The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service assertion failure and daemon restart via a zero DH g^x value in a KE payload in a IKE packet...

SUSE CVE-2019-12312

In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference by initiating an IKEv2 IKESAINIT exchange, followed by a bogus INFORMATIONAL exchange instead of the normallly expected IKEAUTH exchange. This affects...

plutobooks.com Cross Site Scripting vulnerability OBB-2917471

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Cross-site Scripting in Apache Pluto Chatroom demo

The input fields of the Apache Pluto "Chat Room" demo portlet 3.0.0 and 3.0.1 are vulnerable to Cross-Site Scripting XSS attacks. Mitigation: Uninstall the ChatRoomDemo war file - or - migrate to version 3.1.0 of the chat-room-demo war file...

GHSA-W47G-4VRC-M3W2 Cross-site Scripting in Apache Pluto Chatroom demo

The input fields of the Apache Pluto "Chat Room" demo portlet 3.0.0 and 3.0.1 are vulnerable to Cross-Site Scripting XSS attacks. Mitigation: Uninstall the ChatRoomDemo war file - or - migrate to version 3.1.0 of the chat-room-demo war file...

GHSA-V49X-8HVM-Q347 Exposure of Sensitive Information in Apache Pluto

The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload. An attacker could exploit this vulnerability to obtain...

org.apache.portals.pluto:pluto-ant-tasks (=3.0.0), org.apache.portals.pluto:pluto-common (=3.0.0) +6 more potentially affected by CVE-2018-1306 via org.apache.portals.pluto:pluto-container (=3.0.0)

org.apache.portals.pluto:pluto-container MAVEN version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.portals.pluto:pluto-container and may be impacted: - org.apache.portals.pluto:pluto-ant-tasks =3.0.0 -...

Exposure of Sensitive Information in Apache Pluto

The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload. An attacker could exploit this vulnerability to obtain...

Email-Worm.Win32.Pluto.b Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/60a7d5e2d446110d84ef65f6a37af0eb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Pluto.b Vulnerability: Insecure Permissions Description: The malware writes a dir a...

Mageia: Security Advisory (MGASA-2020-0215)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated libreswan packages fix security vulnerability

Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. CVE-2022-23094...

libreswan: Malicious IKEv1 packet can cause libreswan to restart

A vulnerability was found in libreswan. A malformed packet that is being rejected triggers a logging action that causes a NULL pointer dereference issue, leading to a crash of the pluto daemon...

CVE-2022-23094

A vulnerability was found in libreswan. A malformed packet that is being rejected triggers a logging action that causes a NULL pointer dereference issue, leading to a crash of the pluto daemon. Mitigation If all configured connections are using IKEv2, the IKEv1 subsystem can be disabled by adding...

Libreswan Code Issue Vulnerability (CNVD-2022-15522)

Libreswan is an IPsec implementation similar to Openswan, which is mainly used to ensure security, integrity issues in data transmission. libreswan has a code issue vulnerability that can be exploited by an attacker to send specially crafted IKEv1 packets to an application, triggering a logging...

Libreswan 代码问题漏洞

Libreswan is an IPsec implementation similar to Openswan, which is mainly used to ensure security, integrity issues in data transmission. libreswan has a code issue vulnerability that can be exploited by an attacker to send specially crafted IKEv1 packets to an application, triggering a logging...

Apache Pluto Cross-Site Scripting Vulnerability (CNVD-2022-04997)

A cross-site scripting vulnerability exists in the Apache Pluto Applicant MVCBean CDI portlet, which stems from the Apache Pluto Applicant MVCBean CDI runtime environment. portlet is vulnerable to cross-site scripting XSS attacks in the input fields of the JSP version of the portlet. No details o...