9 matches found
Improper Certificate Validation
Overview: Affected versions of this package are vulnerable to Improper Certificate Validation through the RDNsMatch LDAP DN matching function in the internal/ldap component. An attacker can impersonate a trusted client and gain unauthorized access by presenting a certificate with a different set o...
UBUNTU-CVE-2020-25692
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service...
SA130 : Security Control Bypass Vulnerability in ProxySG, ASG, and CacheFlow
SUMMARY: Some HTTP and HTTPS requests may trigger reverse DNS (RDNS) lookups in ProxySG, ASG, and CacheFlow. When these products are configured with policy rules that use hostnames from RDNS lookup results, such requests may bypass security controls such as blocking a request, requiring user...
Host Fully Qualified Domain Name (FQDN) Resolution (XML tag)
Nessus was able to resolve the fully qualified domain name (FQDN) of the remote host. This plugin, which does not show up in the report, writes the IP and FQDN of this host as an XML tag in the .nessus v2 reports. TRUSTED...
CVE-2009-2661
The CVE-2009-2661 issue affects the OpenSwan/strongSwan pluto daemon (X.509 handling of RDNs). A crafted ASN.1 data input could crash pluto, causing a denial of service. The root cause is tied to ASN.1 parsing length/structure handling for RDNs, with references indicating an incomplete prior f...
CVE-2009-2185
The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash...
Code injection
The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash...
CVE-2009-2185
The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash...
CVE-2009-2185
The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash...