Page 3 of 18 results (0.018 seconds)

CVSS: 6.4EPSS: 1%CPEs: 57EXPL: 0

IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established. IKEv2 en strongSwan 4.0.7 anterior a 5.1.3 permite a atacantes remotos evadir autenticación mediante la recodificación de un IKE_SA durante (1) iniciación o (2) re-autenticación, lo que provoca el estado de IKE_SA sea configurado como establecido. • http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00010.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00064.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00066.html http://secunia.com/advisories/57823 http://www.debian.org/security/2014/dsa-2903 http://www.securityfocus.com/bid/66815 http://www.strongswan.org/blog/2014/04/14/strongswan-authentication-bypass-vulnerability-%28cve-2014-2338%29.html • CWE-287: Improper Authentication •

CVSS: 5.1EPSS: 5%CPEs: 96EXPL: 0

Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2053 and CVE-2013-2054. Desbordamiento de buffer en la función atodn en strongSwan v2.0.0 hasta v4.3.4, cuando está activada "Opportunistic Encryption" y se usa una clave RSA, permite a atacantes remotos provocar una denegación de servicio (caida del demonio IKE) y posiblemente ejecutar código a través de registros DNS TXT. NOTA: esta podría ser la misma vulnerabilidad que CVE-2013-2053 y CVE-2013-2054. • http://download.strongswan.org/security/CVE-2013-2054/CVE-2013-2054.txt http://www.securityfocus.com/bid/59837 https://lists.libreswan.org/pipermail/swan-announce/2013/000003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 2%CPEs: 24EXPL: 0

The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote attackers to cause a denial of service (pluto IKE daemon crash) via malformed ASN.1 data. NOTE: this is due to an incomplete fix for CVE-2009-2185. La función asn1_length en strongSwan 2.8 antes de 2.8.11, 4.2 antes de 4.2.17 y 4.3 antes de 4.3.3 no maneja adecuadamente certificados X.509 con Relative Distinguished Names (RDNs) modificados, lo que permite a atacantes remotos provocar una denegación de servicio (caída del demonio pluto IKE) mediante datos ASN.1 malformados. NOTA: Esto es debido a una solución incompleta de CVE-2009-2185. • http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.3.x_asn1_length.patch http://download.strongswan.org/patches/07_asn1_length_patch/strongswan-4.x.x_asn1_length.patch http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html http://secunia.com/advisories/36922 http://up2date.astaro.com/2009/08/up2date_7505_released.html http://www.debian.org/security/2009/dsa-1899 http:// • CWE-310: Cryptographic Issues •

CVSS: 5.0EPSS: 8%CPEs: 56EXPL: 0

The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash) via an X.509 certificate with (1) crafted Relative Distinguished Names (RDNs), (2) a crafted UTCTIME string, or (3) a crafted GENERALIZEDTIME string. El analizador ASN.1 pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) en (a) strongSwan v2.8 anterior a v2.8.10, v4.2 anterior a v4.2.16, y v4.3 anterior a v4.3.2; y (b) openSwan v2.6 anterior a v2.6.22 y v2.4 anterior a v2.4.15 permite a atacantes remotos provocar una denegación de servicio (caída del demonio IKE pluto) a través de un certificado X.509 con (1) Nombres Caracterizados Relativos (RDNs) (2) una cadena UTCTIME manipulada, o (3) una cadena GENERALIZEDTIME manipulada. • http://download.strongswan.org/CHANGES2.txt http://download.strongswan.org/CHANGES4.txt http://download.strongswan.org/CHANGES42.txt http://secunia.com/advisories/35522 http://secunia.com/advisories/35698 http://secunia.com/advisories/35740 http://secunia.com/advisories/35804 http://secunia.com/advisories/36922 http://secunia.com/advisories/36950 http://secunia.com/advisories/37504 http://up2date.astaro.com/2009/07/up2date_7404_released.html http://www.debian.org/security/2009/ • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 8%CPEs: 70EXPL: 0

charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid IKE_SA_INIT request that triggers "an incomplete state," followed by a CREATE_CHILD_SA request. charon/sa/ike_sa.c del demonio charon de strongSWAN anterior a v4.3.1, permite a atacantes remotos provocar una denegación de servicio (referenca a puntero nulo y caída) a través de una solicitud IKE_SA_INIT no válida que provoca "un estado incompleto", seguido de una solicitud CREATE_CHILD_SA. • http://download.strongswan.org/CHANGES4.txt http://download.strongswan.org/patches/03_invalid_ike_state_patch/strongswan-4.x.x_invalid_ike_state.patch http://download.strongswan.org/patches/03_invalid_ike_state_patch/strongswan-4.x.x_invalid_ike_state.readme http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/35296 http://secunia.com/advisories/35685 http://secunia.com/advisories/36922 http://www.debian.org/security/2009/dsa-1899 http:& • CWE-399: Resource Management Errors •