CVSS: 5.0EPSS: 6%CPEs: 80EXPL: 0CVE-2009-1958
https://notcve.org/view.php?id=CVE-2009-1958
charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE_AUTH request without a (1) TSi or (2) TSr traffic selector. charon/sa/tasks/child_create.c en el demonio charon en strongSWAN anteriores a v4.3.1 conmuta el test NULL por cargas destructivas TSi y TSr, lo que permite a los atacantes remotos causar una denegación de servicio a través de una petición IKE__AUTH sin un (1) TSi o (2) un selector de tráfico TSr. • http://download.strongswan.org/CHANGES4.txt http://download.strongswan.org/patches/04_swapped_ts_check_patch/strongswan-4.x.x._swapped_ts_check.patch http://download.strongswan.org/patches/04_swapped_ts_check_patch/strongswan-4.x.x._swapped_ts_check.readme http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/35296 http://secunia.com/advisories/35685 http://secunia.com/advisories/36922 http://www.debian.org/security/2009/dsa-1899 http • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 2%CPEs: 61EXPL: 0CVE-2008-4551
https://notcve.org/view.php?id=CVE-2008-4551
strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via an IKE_SA_INIT message with a large number of NULL values in a Key Exchange payload, which triggers a NULL pointer dereference for the return value of the mpz_export function in the GNU Multiprecision Library (GMP). strongSwan 4.2.6 y anteriores permite a atacantes remotos provocar una denegación de servicio (caída del demonio) mediante un mensaje con un número grande de valores NULL en una carga útil Key Exchange, lo que dispara una referencia a un puntero NULL para el valor de retorno de la función mpz_export en la GNU Multiprecision Library (GMP) (Biblioteca de Multiprecisión GNU). • http://download.strongswan.org/CHANGES4.txt http://labs.mudynamics.com/advisories/MU-200809-01.txt http://secunia.com/advisories/31963 http://www.securityfocus.com/bid/31291 http://www.securitytracker.com/id?1020903 http://www.vupen.com/english/advisories/2008/2660 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0CVE-2004-0590
https://notcve.org/view.php?id=CVE-2004-0590
FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject. FreeS/WAN 1.x y 2.x, y otros productos relacionados, incluyendo superfreeswan 1.x, openswan 1.x anteriores a 1.0.6, openswan 2.x anteriores a 2.1.4 y strongSwan anteriores a 2.1.3 permite a atacantes remotos autenticarse usando certificados PKCS#7 falsificados en los que un certificado auto-firmado identifica a una Autoridad Certificadora (CA) y a un usuario y asunto suplantados. • http://security.gentoo.org/glsa/glsa-200406-20.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:070 http://www.openswan.org/support/vuln/can-2004-0590 https://exchange.xforce.ibmcloud.com/vulnerabilities/16515 •