Page 4 of 33 results (0.003 seconds)

CVSS: 2.6EPSS: 0%CPEs: 39EXPL: 0

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses. strongSwan 4.3.0 hasta 5.x anterior a 5.3.2 y strongSwan VPN Client anterior a 1.4.6, cuando utiliza claves EAP o precompartidas para la autenticación de una conexión IKEv2, no refuerza las restricciones de autenticación de servidores hasta que el proceso de autenticación entero se haya completado, lo que permite a servidores remotos obtener credenciales mediante el uso de un certificado válido y posteriormente la lectura de las respuestas. • http://lists.opensuse.org/opensuse-updates/2015-06/msg00040.html http://www.debian.org/security/2015/dsa-3282 http://www.openwall.com/lists/oss-security/2015/05/29/6 http://www.openwall.com/lists/oss-security/2015/05/29/7 http://www.openwall.com/lists/oss-security/2015/06/08/4 http://www.securityfocus.com/bid/74933 http://www.securitytracker.com/id/1032514 http://www.ubuntu.com/usn/USN-2628-1 https://bugzilla.suse.com/show_bug.cgi?id=933591 https: • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 5%CPEs: 25EXPL: 0

strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025. strongSwan 4.5.x hasta 5.2.x anterior a 5.2.1 permite a atacantes remotos causar una denegación de servicio (referencia a puntero inválido) a través de un mensaje IKEv2 Key Exchange (KE) manipulado con el grupo Diffie-Hellman (DH) 1025. • http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153825.html http://lists.opensuse.org/opensuse-updates/2015-01/msg00054.html http://secunia.com/advisories/62071 http://secunia.com/advisories/62083 http://secunia.com/advisories/62095 http://secunia.com/advisories/62663 http://strongswan.org/blog/2015/01/05/strongswan-5.2.2-released.html http://strongswan.org/blog/2015/01/05/strongswan-denial-of-service-vulnerability-%28cve-2014-9221%29.html http://www.debian.or • CWE-19: Data Processing Errors •

CVSS: 5.0EPSS: 4%CPEs: 8EXPL: 0

strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload. strongSwan en versiones anteriores a 5.1.2 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero null y una caída del demonio IKE) a través de un payload IDER_ASN1_DN ID manipulado. • http://lists.opensuse.org/opensuse-updates/2014-05/msg00064.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00066.html http://secunia.com/advisories/59864 http://www.debian.org/security/2014/dsa-2922 http://www.securityfocus.com/bid/67212 http://www.strongswan.org/blog/2014/05/05/strongswan-denial-of-service-vulnerability-%28cve-2014-2891%29.html •

CVSS: 6.4EPSS: 1%CPEs: 57EXPL: 0

IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established. IKEv2 en strongSwan 4.0.7 anterior a 5.1.3 permite a atacantes remotos evadir autenticación mediante la recodificación de un IKE_SA durante (1) iniciación o (2) re-autenticación, lo que provoca el estado de IKE_SA sea configurado como establecido. • http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00010.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00064.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00066.html http://secunia.com/advisories/57823 http://www.debian.org/security/2014/dsa-2903 http://www.securityfocus.com/bid/66815 http://www.strongswan.org/blog/2014/04/14/strongswan-authentication-bypass-vulnerability-%28cve-2014-2338%29.html • CWE-287: Improper Authentication •

CVSS: 5.0EPSS: 0%CPEs: 22EXPL: 0

The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitrary users and bypass access restrictions via a crafted ID_DER_ASN1_DN ID, related to an "insufficient length check" during identity comparison. La función compare_dn en utils/identification.c en strongSwan 4.3.3 hasta la versión 5.1.1 permite (1) a atacantes remotos provocar una denegación de servicio (leer fuera de los límites, referencia a un puntero NULL, y la caída del demonio) o (2) usuarios remotos autenticados suplantar a usuarios arbitrarios y evitar las restricciones de acceso a través de un ID ID_DER_ASN1_DN elaborado, relacionado con un "insufficient length check" en comparación de identidad. • http://download.strongswan.org/security/CVE-2013-6075/strongswan-4.3.3-5.1.0_id_dn_match.patch http://www.debian.org/security/2012/dsa-2789 http://www.strongswan.org/blog/2013/11/01/strongswan-denial-of-service-vulnerability-%28cve-2013-6075%29.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •