Search CVE reports


31 – 40 of 41 results


CVE-2013-5018

Medium priority
Ignored

The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1)...

1 affected package

strongswan

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
strongswan Not affected

CVE-2013-2054

Medium priority
Ignored

Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and...

1 affected package

strongswan

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
strongswan

CVE-2013-2944

Medium priority
Ignored

strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.

1 affected package

strongswan

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
strongswan Not affected

CVE-2012-2388

Medium priority
Ignored

The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."

1 affected package

strongswan

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
strongswan Not affected

CVE-2010-2628

Medium priority
Ignored

The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or...

1 affected package

strongswan

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
strongswan

CVE-2009-2661

Medium priority
Ignored

The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote attackers to cause...

1 affected package

strongswan

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
strongswan

CVE-2009-2185

Medium priority

Some fixes available 3 of 8

The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15...

2 affected packages

openswan, strongswan

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openswan
strongswan

CVE-2009-1958

Medium priority
Ignored

charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE_AUTH request without a (1) TSi...

1 affected package

strongswan

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
strongswan

CVE-2009-1957

Medium priority
Ignored

charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid IKE_SA_INIT request that triggers "an incomplete state,"...

1 affected package

strongswan

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
strongswan

CVE-2009-0790

Medium priority

Some fixes available 1 of 9

The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart)...

2 affected packages

openswan, strongswan

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openswan
strongswan