Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
strongswan strongswan 4.1.11 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2013-5018
The is_asn1 function in strongSwan 4.1.11 up to and including 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote malicious users to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identity, or (3) PE...
Strongswan Strongswan 4.1.11
Strongswan Strongswan 5.0.2
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.0.3
Strongswan Strongswan 5.0.4
Strongswan Strongswan 5.0.0
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 11.4
445
VMScore
CVE-2008-4551
strongSwan 4.2.6 and previous versions allows remote malicious users to cause a denial of service (daemon crash) via an IKE_SA_INIT message with a large number of NULL values in a Key Exchange payload, which triggers a NULL pointer dereference for the return value of the mpz_expo...
Strongswan Strongswan 4.2.0
Strongswan Strongswan 4.1.11
Strongswan Strongswan 4.1.4
Strongswan Strongswan 4.1.3
Strongswan Strongswan 4.0.4
Strongswan Strongswan 4.0.3
Strongswan Strongswan 4.0.2
Strongswan Strongswan 2.6.1
Strongswan Strongswan 2.6.0
Strongswan Strongswan 2.5.1
Strongswan Strongswan 2.5.0
Strongswan Strongswan 2.3.1
Strongswan Strongswan 2.2.2
Strongswan Strongswan 2.1.1
Strongswan Strongswan 2.1.0
Strongswan Strongswan 4.2.4
Strongswan Strongswan 4.2.3
Strongswan Strongswan 4.1.8
Strongswan Strongswan 4.1.7
Strongswan Strongswan 4.1.0
Strongswan Strongswan 4.0.7
Strongswan Strongswan 2.7.0
570
VMScore
CVE-2014-2338
IKEv2 in strongSwan 4.0.7 prior to 5.1.3 allows remote malicious users to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.
Strongswan Strongswan 5.1.2
Strongswan Strongswan 5.1.1
Strongswan Strongswan 4.6.0
Strongswan Strongswan 4.6.1
Strongswan Strongswan 4.5.3
Strongswan Strongswan 4.4.0
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.0.2
Strongswan Strongswan 4.6.4
Strongswan Strongswan 4.5.0
Strongswan Strongswan 4.3.2
Strongswan Strongswan 4.3.3
Strongswan Strongswan 4.2.10
Strongswan Strongswan 4.2.11
Strongswan Strongswan 4.3.6
Strongswan Strongswan 4.3.7
Strongswan Strongswan 4.2.14
Strongswan Strongswan 4.2.15
Strongswan Strongswan 4.2.7
Strongswan Strongswan 4.2.8
Strongswan Strongswan 4.2.9
Strongswan Strongswan 4.1.4
445
VMScore
CVE-2009-1957
charon/sa/ike_sa.c in the charon daemon in strongSWAN prior to 4.3.1 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via an invalid IKE_SA_INIT request that triggers "an incomplete state," followed by a CREATE_CHILD_SA req...
Strongswan Strongswan 2.1.3
Strongswan Strongswan 2.1.4
Strongswan Strongswan 2.4.0
Strongswan Strongswan 2.4.0a
Strongswan Strongswan 2.5.2
Strongswan Strongswan 2.5.3
Strongswan Strongswan 2.6.16
Strongswan Strongswan 2.6.2
Strongswan Strongswan 2.8.3
Strongswan Strongswan 2.8.4
Strongswan Strongswan 4.0.2
Strongswan Strongswan 4.0.3
Strongswan Strongswan 4.1.10
Strongswan Strongswan 4.1.11
Strongswan Strongswan 4.1.2
Strongswan Strongswan 4.1.9
Strongswan Strongswan 4.2.0
Strongswan Strongswan 2.0.0
Strongswan Strongswan 2.0.1
Strongswan Strongswan 2.1.5
Strongswan Strongswan 2.2.0
Strongswan Strongswan 2.4.1
445
VMScore
CVE-2009-1958
charon/sa/tasks/child_create.c in the charon daemon in strongSWAN prior to 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote malicious users to cause a denial of service via an IKE_AUTH request without a (1) TSi or (2) TSr traffic selector.
Strongswan Strongswan 4.0.3
Strongswan Strongswan 4.1.10
Strongswan Strongswan 4.1.6
Strongswan Strongswan 4.1.7
Strongswan Strongswan 4.2.4
Strongswan Strongswan 4.2.5
Strongswan Strongswan
Strongswan Strongswan 2.4.0a
Strongswan Strongswan 2.1.4
Strongswan Strongswan 2.1.3
Strongswan Strongswan 2.3.1
Strongswan Strongswan 2.4.2
Strongswan Strongswan 2.4.3
Strongswan Strongswan 2.5.2
Strongswan Strongswan 4.1.0
Strongswan Strongswan 4.1.2
Strongswan Strongswan 4.1.5
Strongswan Strongswan 4.1.4
Strongswan Strongswan 4.2.10
Strongswan Strongswan 4.2.2
Strongswan Strongswan 4.2.3
Strongswan Strongswan 4.2.12
454
VMScore
CVE-2013-2054
Buffer overflow in the atodn function in strongSwan 2.0.0 up to and including 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote malicious users to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via ...
Strongswan Strongswan 2.4.3
Strongswan Strongswan 2.5.7
Strongswan Strongswan 2.4.2
Strongswan Strongswan 4.1.8
Strongswan Strongswan 4.1.11
Strongswan Strongswan 2.6.16
Strongswan Strongswan 2.5.3
Strongswan Strongswan 2.8.0
Strongswan Strongswan 4.2.6
Strongswan Strongswan 2.8.1
Strongswan Strongswan 2.4.4
Strongswan Strongswan 2.6.0
Strongswan Strongswan 2.3.0
Strongswan Strongswan 4.2.12
Strongswan Strongswan 4.1.1
Strongswan Strongswan 2.7.2
Strongswan Strongswan 4.2.10
Strongswan Strongswan 2.1.0
Strongswan Strongswan 2.1.5
Strongswan Strongswan 2.0.2
Strongswan Strongswan 2.8.9
Strongswan Strongswan 2.8.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started