3 matches found
CVE-2021-0649
In stopVpnProfile of Vpn.java, there is a possible VPN profile reset due to a permissions bypass. This could lead to local escalation of privilege CONTROLALWAYSONVPN with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Debian Security Advisory DSA 2789-1 (strongswan - Denial of service and authorization bypass)
A vulnerability has been found in the ASN.1 parser of strongSwan, an IKE daemon used to establish IPsec protected links. By sending a crafted IDDERASN1DN ID payload to a vulnerable pluto or charon daemon, a malicious remote user can provoke a denial of service daemon crash or an authorization...
DSA-2789-1 strongswan - Denial of service and authorization bypass
Bulletin has no description...