Strongswan

Strongswan

37 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2014-9221

  • EPSS 7.91%
  • Veröffentlicht 07.01.2015 19:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025.

5

CVE-2014-2891

  • EPSS 1.64%
  • Veröffentlicht 07.05.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.

6.4

CVE-2014-2338

  • EPSS 0.32%
  • Veröffentlicht 16.04.2014 18:37:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.

5

CVE-2013-6076

  • EPSS 0.4%
  • Veröffentlicht 02.11.2013 18:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and charon daemon crash) via a crafted IKEv1 fragmentation packet.

5

CVE-2013-6075

  • EPSS 0.23%
  • Veröffentlicht 02.11.2013 18:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to imperso...

4.3

CVE-2013-5018

Exploit
  • EPSS 2.9%
  • Veröffentlicht 28.08.2013 23:55:10
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identit...

5.1

CVE-2013-2054

  • EPSS 1.82%
  • Veröffentlicht 09.07.2013 17:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitra...

4.9

CVE-2013-2944

  • EPSS 0.32%
  • Veröffentlicht 02.05.2013 14:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.

7.5

CVE-2012-2388

  • EPSS 0.87%
  • Veröffentlicht 27.06.2012 21:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."

7.5

CVE-2010-2628

  • EPSS 5.73%
  • Veröffentlicht 20.08.2010 18:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers...