CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-15836
https://notcve.org/view.php?id=CVE-2018-15836
26 Sep 2018 — In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA implementation does not verify the value of padding string during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used. IKEv2 signature verification is affected when RAW RSA keys are used. En Openswan en versiones anteriores a la 2.6.50.1, la verificación de firmas IKEv2 es vulnerable a "variantes de ataques de bajo exponente de Bleichenba... • https://github.com/xelerance/Openswan/commit/0b460be9e287fd335c8ce58129c67bf06065ef51 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.5EPSS: 1%CPEs: 76EXPL: 0CVE-2013-6466 – openswan: dereferencing missing IKEv2 payloads causes pluto daemon to restart
https://notcve.org/view.php?id=CVE-2013-6466
26 Jan 2014 — Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. Openswan v2.6.39 y anteriores permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo y reinicio del demonio IKE) a través de paquetes IKEv2 que cuenten con payloads esperados. Openswan is a free implementation of Internet Protocol Security and Internet Key Exchange. IPsec uses strong cryptography ... • http://rhn.redhat.com/errata/RHSA-2014-0185.html •
CVSS: 9.8EPSS: 1%CPEs: 38EXPL: 0CVE-2013-2053 – Openswan: remote buffer overflow in atodn()
https://notcve.org/view.php?id=CVE-2013-2053
09 Jul 2013 — Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054. Desbordamiento de buffer en la función atodn en Openswan anteriores a v2.6.39, cuando está activada Opportunistic Encryptiony se usa una clave RSA, permit... • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00008.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 1%CPEs: 73EXPL: 0CVE-2011-4073 – openswan: use-after-free vulnerability leads to DoS
https://notcve.org/view.php?id=CVE-2011-4073
17 Nov 2011 — Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 through 2.6.36 allows remote authenticated users to cause a denial of service (pluto IKE daemon crash) via vectors related to the (1) quick_outI1_continue and (2) quick_outI1 functions. Una vulnerabilidad de uso de memoria previamente liberada en la funcionalidad del manejador auxiliar criptográfico en Openswan versión 2.3.0 hasta 2.6.36, permite a los usuarios autenticados remotos causar una denegación de servi... • http://secunia.com/advisories/46678 • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2011-3380 – openswan: IKE invalid key length allows remote unauthenticated user to crash openswan
https://notcve.org/view.php?id=CVE-2011-3380
17 Nov 2011 — Openswan 2.6.29 through 2.6.35 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto IKE daemon crash) via an ISAKMP message with an invalid KEY_LENGTH attribute, which is not properly handled by the error handling function. Openswan v2.6.29 a través de v2.6.35 permite a atacantes remotos provocar una denegación de servicio (puntero a NULL y Plutón accidente demonio IKE) a través de un mensaje ISAKMP con un atributo no válido key_length, que no se gestiona adecuadamente po... • http://secunia.com/advisories/46306 •