CVE-2022-4967

strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch CWE-297. When certificates are used to authenticate clients in TLS-based EAP methods, the IKE or EAP identity supplied by a client is not enforced to be...

CVE-2022-4967

strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch CWE-297. When certificates are used to authenticate clients in TLS-based EAP methods, the IKE or EAP identity supplied by a client is not enforced to be...

strongSwan 5.9.8 < 5.9.10 DoS Vulnerability

strongSwan is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2023-26463

strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...

Null pointer dereference

strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...

Fedora 37 : strongswan (2023-25800591ef)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-25800591ef advisory. Update to 5.9.10 for CVE-2023-26463 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...

FreeBSD : strongSwan -- certificate verification vulnerability (3f9b6943-ba58-11ed-bbbd-00e0670f2660)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3f9b6943-ba58-11ed-bbbd-00e0670f2660 advisory. - strongSwan reports: A vulnerability related to certificate verification in TLS-based EAP methods was...

strongSwan -- certificate verification vulnerability

strongSwan reports: A vulnerability related to certificate verification in TLS-based EAP methods was discovered in strongSwan that results in a denial of service but possibly even remote code execution. Versions 5.9.8 and 5.9.9 may be affected...

Denial Of Service (DoS)

freeradius is vulnerable to denial of service DoS attacks. The vulnerability exists as a stack-based buffer overflow in the cbtlsverify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service server crash and possibly...

Mandriva Update for freeradius MDVSA-2012:159 (freeradius)

Check for the Version of freeradius OpenVAS Vulnerability Test Mandriva Update for freeradius MDVSA-2012:159 freeradius Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

Stack overflow

Stack-based buffer overflow in the cbtlsverify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via a long "not after" timestamp in a client certificate...

CVE-2012-3547

Stack-based buffer overflow in the cbtlsverify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via a long "not after" timestamp in a client certificate...