Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pluto vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-2891
strongSwan prior to 5.1.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.
Debian Strongswan
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.1.0
Strongswan Strongswan 5.0.3
Strongswan Strongswan 5.0.4
Strongswan Strongswan 5.0.2
Strongswan Strongswan
Strongswan Strongswan 5.0.0
NA
CVE-2013-7294
The ikev2parent_inI1outR1 function in pluto/ikev2_parent.c in libreswan prior to 3.7 allows remote malicious users to cause a denial of service (restart) via an IKEv2 I1 notification without a KE payload.
Libreswan Libreswan 3.0
Libreswan Libreswan 3.1
Libreswan Libreswan 3.2
Libreswan Libreswan 3.3
Libreswan Libreswan 3.4
Libreswan Libreswan 3.5
Libreswan Libreswan
NA
CVE-2013-6075
The compare_dn function in utils/identification.c in strongSwan 4.3.3 up to and including 5.1.1 allows (1) remote malicious users to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitra...
Strongswan Strongswan 4.3.6
Strongswan Strongswan 4.3.7
Strongswan Strongswan 4.4.0
Strongswan Strongswan 4.4.1
Strongswan Strongswan 4.5.0
Strongswan Strongswan 5.0.4
Strongswan Strongswan 5.1.0
Strongswan Strongswan 4.3.4
Strongswan Strongswan 4.5.1
Strongswan Strongswan 4.5.3
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.0.3
Strongswan Strongswan 4.6.1
Strongswan Strongswan 4.6.2
Strongswan Strongswan 4.6.3
Strongswan Strongswan 4.6.4
Strongswan Strongswan 4.3.3
Strongswan Strongswan 4.3.5
Strongswan Strongswan 4.5.2
Strongswan Strongswan 4.6.0
Strongswan Strongswan 5.0.0
Strongswan Strongswan 5.0.2
NA
CVE-2013-2052
Buffer overflow in the atodn function in libreswan 3.0 and 3.1, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote malicious users to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT recor...
Libreswan Libreswan 3.0
Libreswan Libreswan 3.1
NA
CVE-2013-2054
Buffer overflow in the atodn function in strongSwan 2.0.0 up to and including 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote malicious users to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via ...
Strongswan Strongswan 2.4.3
Strongswan Strongswan 2.5.7
Strongswan Strongswan 2.4.2
Strongswan Strongswan 4.1.8
Strongswan Strongswan 4.1.11
Strongswan Strongswan 2.6.16
Strongswan Strongswan 2.5.3
Strongswan Strongswan 2.8.0
Strongswan Strongswan 4.2.6
Strongswan Strongswan 2.8.1
Strongswan Strongswan 2.4.4
Strongswan Strongswan 2.6.0
Strongswan Strongswan 2.3.0
Strongswan Strongswan 4.2.12
Strongswan Strongswan 4.1.1
Strongswan Strongswan 2.7.2
Strongswan Strongswan 4.2.10
Strongswan Strongswan 2.1.0
Strongswan Strongswan 2.1.5
Strongswan Strongswan 2.0.2
Strongswan Strongswan 2.8.9
Strongswan Strongswan 2.8.8
NA
CVE-2011-4073
Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 up to and including 2.6.36 allows remote authenticated users to cause a denial of service (pluto IKE daemon crash) via vectors related to the (1) quick_outI1_continue and (2) quick_ou...
Xelerance Openswan 2.4.2
Xelerance Openswan 2.4.10
Xelerance Openswan 2.4.4
Xelerance Openswan 2.5.0
Xelerance Openswan 2.5.12
Xelerance Openswan 2.5.13
Xelerance Openswan 2.5.14
Xelerance Openswan 2.5.15
Xelerance Openswan 2.6.09
Xelerance Openswan 2.6.10
Xelerance Openswan 2.6.11
Xelerance Openswan 2.6.12
Xelerance Openswan 2.6.27
Xelerance Openswan 2.6.30
Xelerance Openswan 2.6.26
Xelerance Openswan 2.6.25
Xelerance Openswan 2.4.5
Xelerance Openswan 2.4.3
Xelerance Openswan 2.4.6
Xelerance Openswan 2.4.7
Xelerance Openswan 2.5.04
Xelerance Openswan 2.5.05
NA
CVE-2011-3380
Openswan 2.6.29 up to and including 2.6.35 allows remote malicious users to cause a denial of service (NULL pointer dereference and pluto IKE daemon crash) via an ISAKMP message with an invalid KEY_LENGTH attribute, which is not properly handled by the error handling function.
Xelerance Openswan 2.6.34
Xelerance Openswan 2.6.35
Xelerance Openswan 2.6.29
Xelerance Openswan 2.6.32
Xelerance Openswan 2.6.33
Xelerance Openswan 2.6.30
Xelerance Openswan 2.6.31
NA
CVE-2010-3752
programs/pluto/xauth.c in the client in Openswan 2.6.25 up to and including 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in (1) cisco_dns_info or (2) cisco_domain_info data in a packet, a different vulnerability than CVE-2010-...
Xelerance Openswan 2.6.25
Xelerance Openswan 2.6.26
Xelerance Openswan 2.6.27
Xelerance Openswan 2.6.28
NA
CVE-2010-3753
programs/pluto/xauth.c in the client in Openswan 2.6.26 up to and including 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in the cisco_banner (aka server_banner) field, a different vulnerability than CVE-2010-3308.
Xelerance Openswan 2.6.27
Xelerance Openswan 2.6.28
Xelerance Openswan 2.6.26
NA
CVE-2010-3302
Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.25 up to and including 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via long (1) cisco_dns_info or (2) cisco_domain_info data in a packet.
Xelerance Openswan 2.6.25
Xelerance Openswan 2.6.26
Xelerance Openswan 2.6.27
Xelerance Openswan 2.6.28
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »