Strongswan

Strongswan

37 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2014-9221

  • EPSS 7.91%
  • Published 07.01.2015 19:59:01
  • Last modified 12.04.2025 10:46:40

strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025.

5

CVE-2014-2891

  • EPSS 1.64%
  • Published 07.05.2014 10:55:06
  • Last modified 12.04.2025 10:46:40

strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.

6.4

CVE-2014-2338

  • EPSS 0.32%
  • Published 16.04.2014 18:37:14
  • Last modified 12.04.2025 10:46:40

IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.

5

CVE-2013-6076

  • EPSS 0.4%
  • Published 02.11.2013 18:55:03
  • Last modified 11.04.2025 00:51:21

strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and charon daemon crash) via a crafted IKEv1 fragmentation packet.

5

CVE-2013-6075

  • EPSS 0.23%
  • Published 02.11.2013 18:55:03
  • Last modified 11.04.2025 00:51:21

The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to imperso...

4.3

CVE-2013-5018

Exploit
  • EPSS 2.9%
  • Published 28.08.2013 23:55:10
  • Last modified 11.04.2025 00:51:21

The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identit...

5.1

CVE-2013-2054

  • EPSS 1.82%
  • Published 09.07.2013 17:55:01
  • Last modified 11.04.2025 00:51:21

Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitra...

4.9

CVE-2013-2944

  • EPSS 0.32%
  • Published 02.05.2013 14:55:05
  • Last modified 11.04.2025 00:51:21

strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.

7.5

CVE-2012-2388

  • EPSS 0.87%
  • Published 27.06.2012 21:55:02
  • Last modified 11.04.2025 00:51:21

The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."

7.5

CVE-2010-2628

  • EPSS 5.73%
  • Published 20.08.2010 18:00:02
  • Last modified 11.04.2025 00:51:21

The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers...