Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
strongswan strongswan vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-41913
strongSwan prior to 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message.
Strongswan Strongswan
9.8
CVSSv3
CVE-2023-26463
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack v...
Strongswan Strongswan 5.9.9
Strongswan Strongswan 5.9.8
7.5
CVSSv3
CVE-2022-40617
strongSwan prior to 5.9.8 allows remote malicious users to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn'...
Strongswan Strongswan
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 22.04
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 37
Stormshield Stormshield Network Security
9.1
CVSSv3
CVE-2021-45079
In strongSwan prior to 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.
Strongswan Strongswan
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 35
Fedoraproject Extra Packages For Enterprise Linux 9.0
Fedoraproject Extra Packages For Enterprise Linux 7.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 21.10
7.5
CVSSv3
CVE-2021-41990
The gmp plugin in strongSwan prior to 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur.
Strongswan Strongswan
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Siemens 6gk6108-4am00-2ba2 Firmware -
Siemens 6gk6108-4am00-2da2 Firmware -
Siemens 6gk5804-0ap00-2aa2 Firmware -
Siemens 6gk5812-1aa00-2aa2 Firmware -
Siemens 6gk5812-1ba00-2aa2 Firmware -
Siemens 6gk5816-1aa00-2aa2 Firmware -
Siemens 6gk5816-1ba00-2aa2 Firmware -
Siemens 6gk5826-2ab00-2ab2 Firmware -
Siemens 6gk5874-2aa00-2aa2 Firmware -
Siemens 6gk5874-3aa00-2aa2 Firmware -
Siemens 6gk5876-3aa02-2ba2 Firmware -
Siemens 6gk5876-3aa02-2ea2 Firmware -
Siemens 6gk5876-4aa00-2ba2 Firmware -
Siemens 6gk5876-4aa00-2da2 Firmware -
Siemens 6gk5856-2ea00-3da1 Firmware -
Siemens 6gk5856-2ea00-3aa1 Firmware -
7.5
CVSSv3
CVE-2021-41991
The in-memory certificate cache in strongSwan prior to 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by m...
Strongswan Strongswan
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Siemens Sinema Remote Connect Server -
Siemens Siplus Et 200sp Cp 1542sp-1 Irc Tx Rail Firmware -
Siemens Simatic Cp 1243-1 Firmware -
Siemens Simatic Cp 1242-7 Gprs V2 Firmware -
Siemens Simatic Net Cp 1243-8 Irc Firmware -
Siemens Scalance Sc632-2c Firmware -
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Firmware -
Siemens Cp 1543-1 Firmware -
Siemens Simatic Net Cp 1545-1 Firmware -
Siemens Simatic Cp 1543sp-1 Firmware -
Siemens Simatic Net Cp1243-7 Lte Eu Firmware -
Siemens Simatic Cp 1243-7 Lte\\/us Firmware -
Siemens Simatic Cp 1542sp-1 Firmware -
Siemens Scalance Sc636-2c Firmware -
Siemens Simatic Cp 1542sp-1 Irc Firmware -
3.1
CVSSv3
CVE-2019-10155
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This is...
Strongswan Strongswan
Libreswan Libreswan
Xelerance Openswan
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Redhat Enterprise Linux 8.0
7.5
CVSSv3
CVE-2018-17540
The gmp plugin in strongSwan prior to 5.7.1 has a Buffer Overflow via a crafted certificate.
Strongswan Strongswan
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
7.5
CVSSv3
CVE-2018-16151
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x prior to 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in t...
Strongswan Strongswan
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
7.5
CVSSv3
CVE-2018-16152
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x prior to 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a ...
Strongswan Strongswan
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »