Strongswan

Strongswan

38 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.6

CVE-2015-4171

  • EPSS 1.01%
  • Veröffentlicht 10.06.2015 18:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is...

5

CVE-2014-9221

  • EPSS 7.91%
  • Veröffentlicht 07.01.2015 19:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025.

5

CVE-2014-2891

  • EPSS 1.64%
  • Veröffentlicht 07.05.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.

6.4

CVE-2014-2338

  • EPSS 0.32%
  • Veröffentlicht 16.04.2014 18:37:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.

5

CVE-2013-6076

  • EPSS 0.4%
  • Veröffentlicht 02.11.2013 18:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and charon daemon crash) via a crafted IKEv1 fragmentation packet.

5

CVE-2013-6075

  • EPSS 0.23%
  • Veröffentlicht 02.11.2013 18:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to imperso...

4.3

CVE-2013-5018

Exploit
  • EPSS 2.9%
  • Veröffentlicht 28.08.2013 23:55:10
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identit...

5.1

CVE-2013-2054

  • EPSS 1.82%
  • Veröffentlicht 09.07.2013 17:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitra...

4.9

CVE-2013-2944

  • EPSS 0.32%
  • Veröffentlicht 02.05.2013 14:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.

7.5

CVE-2012-2388

  • EPSS 0.87%
  • Veröffentlicht 27.06.2012 21:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."