RedHat Update for openswan RHSA-2011:1422-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Medium: openswan

Issue Overview: A NULL pointer dereference flaw was found in the way Openswan's pluto IKE daemon handled certain error conditions. A remote, unauthenticated attacker could send a specially-crafted IKE packet that would crash the pluto daemon. Affected Packages: openswan Issue Correction: Run yum...

openswan: IKE invalid key length allows remote unauthenticated user to crash openswan

Openswan 2.6.29 through 2.6.35 allows remote attackers to cause a denial of service NULL pointer dereference and pluto IKE daemon crash via an ISAKMP message with an invalid KEYLENGTH attribute, which is not properly handled by the error handling function...

Moderate: Red Hat Security Advisory: openswan security update

Updated openswan packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

strongSwan Certificate and Identification Payload Parsing Buffer Overflow (CVE-2010-2628)

strongSwan is an open-source implementation of IPsec for Linux platforms including Debian, Ubuntu, FreeBSD and Mac OS X. It is a scalable VPN solution that supports the Internet Key Exchange IKE protocol version 1 as well as IKEv2. A remote code execution vulnerability has been reported in...

Cisco WRV210 null pointer dereference

Exploit for windows platform in category dos / poc ===================================== Cisco WRV210 null pointer dereference ===================================== / 2010-09-24 by Paolo j5r9pn3lka yahoo dot com Product: Cisco WRV210 Wireless-G VPN Router - RangeBooster Type: denial of service...

Debian DSA-1899-1 : strongswan - several vulnerabilities

Several remote vulnerabilities have been discovered in strongswan, an implementation of the IPSEC and IKE protocols. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-1957 CVE-2009-1958 The charon daemon can crash when processing certain crafted IKEv2...

Debian DSA-1898-1 : openswan - denial of service

It was discovered that the pluto daemon in openswan, an implementation of IPSEC and IKE, could crash when processing a crafted X.509 certificate. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisor...

Debian Security Advisory DSA 1898-1 (openswan)

The remote host is missing an update to openswan announced via advisory DSA 1898-1. OpenVAS Vulnerability Test $Id: deb18981.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1898-1 openswan Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

Debian: Security Advisory (DSA-1899-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1899-1 (strongswan)

The remote host is missing an update to strongswan announced via advisory DSA 1899-1. OpenVAS Vulnerability Test $Id: deb18991.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1899-1 strongswan Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

DSA-1899-1 strongswan - denial of service

Bulletin has no description...

DSA-1898-1 openswan - denial of service

Bulletin has no description...

SuSE 10 Security Update : strongswan (ZYPP Patch Number 6116)

By sending a specially crafted Dead Peer Detection DPD packet remote attackers could crash the pluto IKE daemon. CVE-2009-0790 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

SuSE 10 Security Update : openswan (ZYPP Patch Number 6117)

By sending a specially crafted Dead Peer Detection DPD packet remote attackers could crash the pluto IKE daemon. CVE-2009-0790 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

SuSE 11 Security Update : openswan (SAT Patch Number 1048)

Two vulnerabilities in the openswan ASN.1 parser when handling RDNs, UTCTIME and GENERALIZEDTIME strings could lead to remote crashes of the pluto daemon. CVE-2009-2185 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

SuSE 10 Security Update : openswan (ZYPP Patch Number 6328)

Two vulnerabilities in the openswan ASN.1 parser when handling RDNs, UTCTIME and GENERALIZEDTIME strings could lead to remote crashes of the pluto daemon. CVE-2009-2185 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

SuSE9 Security Update : freeswan (YOU Patch Number 12445)

Two vulnerabilities in the freeswan ASN.1 parser when handling RDNs, UTCTIME and GENERALIZEDTIME strings could lead to remote crashes of the pluto daemon CVE-2009-2185. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

openSUSE Security Update : openswan (openswan-1285)

The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...

openSUSE Security Update : strongswan (strongswan-1281)

The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...