Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian strongswan vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-2891
strongSwan prior to 5.1.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.
Debian Strongswan
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.1.0
Strongswan Strongswan 5.0.3
Strongswan Strongswan 5.0.4
Strongswan Strongswan 5.0.2
Strongswan Strongswan
Strongswan Strongswan 5.0.0
NA
CVE-2014-9221
strongSwan 4.5.x up to and including 5.2.x prior to 5.2.1 allows remote malicious users to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025.
Strongswan Strongswan 5.1.2
Strongswan Strongswan 4.5.3
Strongswan Strongswan 4.5.2
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.1.0
Strongswan Strongswan 4.5.1
Strongswan Strongswan 5.2.0
Strongswan Strongswan 5.1.3
Strongswan Strongswan 4.6.4
Strongswan Strongswan 4.6.2
Strongswan Strongswan 5.1.1
Strongswan Strongswan 5.0.3
Strongswan Strongswan 5.0.4
Strongswan Strongswan 4.6.1
Strongswan Strongswan 5.0.2
Strongswan Strongswan 4.6.0
Strongswan Strongswan 4.6.3
Strongswan Strongswan 5.0.0
Strongswan Strongswan 4.5.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 14.10
NA
CVE-2015-4171
strongSwan 4.3.0 up to and including 5.x prior to 5.3.2 and strongSwan VPN Client prior to 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, whi...
Strongswan Strongswan Vpn Client
Debian Debian Linux 8.0
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Strongswan Strongswan 4.3.0
Strongswan Strongswan 4.3.7
Strongswan Strongswan 4.4.0
Strongswan Strongswan 4.6.1
Strongswan Strongswan 4.6.2
Strongswan Strongswan 5.1.0
Strongswan Strongswan 5.1.1
Strongswan Strongswan 5.3.0
Strongswan Strongswan 5.3.1
Strongswan Strongswan 4.3.3
Strongswan Strongswan 4.3.4
Strongswan Strongswan 4.5.1
Strongswan Strongswan 4.5.2
Strongswan Strongswan 5.0.0
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.2.0
Strongswan Strongswan 5.2.1
NA
CVE-2012-2388
The GMP Plugin in strongSwan 4.2.0 up to and including 4.6.3 allows remote malicious users to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
Strongswan Strongswan 4.2.16
Strongswan Strongswan 4.2.9
Strongswan Strongswan 4.2.6
Strongswan Strongswan 4.2.15
Strongswan Strongswan 4.2.1
Strongswan Strongswan 4.3.2
Strongswan Strongswan 4.6.0
Strongswan Strongswan 4.6.1
Strongswan Strongswan 4.4.1
Strongswan Strongswan 4.2.11
Strongswan Strongswan 4.2.10
Strongswan Strongswan 4.2.5
Strongswan Strongswan 4.2.0
Strongswan Strongswan 4.3.5
Strongswan Strongswan 4.4.0
Strongswan Strongswan 4.5.1
Strongswan Strongswan 4.5.0
Strongswan Strongswan 4.2.13
Strongswan Strongswan 4.2.12
Strongswan Strongswan 4.2.3
Strongswan Strongswan 4.2.4
Strongswan Strongswan 4.3.4
7.5
CVSSv3
CVE-2018-16151
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x prior to 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in t...
Strongswan Strongswan
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
7.5
CVSSv3
CVE-2018-16152
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x prior to 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a ...
Strongswan Strongswan
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
6.5
CVSSv3
CVE-2018-5388
In stroke_socket.c in strongSwan prior to 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
Strongswan Strongswan
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
7.5
CVSSv3
CVE-2018-17540
The gmp plugin in strongSwan prior to 5.7.1 has a Buffer Overflow via a crafted certificate.
Strongswan Strongswan
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
7.5
CVSSv3
CVE-2018-10811
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.
Strongswan Strongswan
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Fedoraproject Fedora 28
7.5
CVSSv3
CVE-2017-9022
The gmp plugin in strongSwan prior to 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate.
Strongswan Strongswan
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »