Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
strongswan strongswan vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-2891
strongSwan prior to 5.1.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.
Debian Strongswan
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.1.0
Strongswan Strongswan 5.0.3
Strongswan Strongswan 5.0.4
Strongswan Strongswan 5.0.2
Strongswan Strongswan
Strongswan Strongswan 5.0.0
NA
CVE-2014-2338
IKEv2 in strongSwan 4.0.7 prior to 5.1.3 allows remote malicious users to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.
Strongswan Strongswan 5.1.2
Strongswan Strongswan 5.1.1
Strongswan Strongswan 4.6.0
Strongswan Strongswan 4.6.1
Strongswan Strongswan 4.5.3
Strongswan Strongswan 4.4.0
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.0.2
Strongswan Strongswan 4.6.4
Strongswan Strongswan 4.5.0
Strongswan Strongswan 4.3.2
Strongswan Strongswan 4.3.3
Strongswan Strongswan 4.2.10
Strongswan Strongswan 4.2.11
Strongswan Strongswan 4.3.6
Strongswan Strongswan 4.3.7
Strongswan Strongswan 4.2.14
Strongswan Strongswan 4.2.15
Strongswan Strongswan 4.2.7
Strongswan Strongswan 4.2.8
Strongswan Strongswan 4.2.9
Strongswan Strongswan 4.1.4
NA
CVE-2013-6075
The compare_dn function in utils/identification.c in strongSwan 4.3.3 up to and including 5.1.1 allows (1) remote malicious users to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitra...
Strongswan Strongswan 4.3.6
Strongswan Strongswan 4.3.7
Strongswan Strongswan 4.4.0
Strongswan Strongswan 4.4.1
Strongswan Strongswan 4.5.0
Strongswan Strongswan 5.0.4
Strongswan Strongswan 5.1.0
Strongswan Strongswan 4.3.4
Strongswan Strongswan 4.5.1
Strongswan Strongswan 4.5.3
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.0.3
Strongswan Strongswan 4.6.1
Strongswan Strongswan 4.6.2
Strongswan Strongswan 4.6.3
Strongswan Strongswan 4.6.4
Strongswan Strongswan 4.3.3
Strongswan Strongswan 4.3.5
Strongswan Strongswan 4.5.2
Strongswan Strongswan 4.6.0
Strongswan Strongswan 5.0.0
Strongswan Strongswan 5.0.2
NA
CVE-2013-6076
strongSwan 5.0.2 up to and including 5.1.0 allows remote malicious users to cause a denial of service (NULL pointer dereference and charon daemon crash) via a crafted IKEv1 fragmentation packet.
Strongswan Strongswan 5.0.2
Strongswan Strongswan 5.0.3
Strongswan Strongswan 5.0.4
Strongswan Strongswan 5.1.0
NA
CVE-2013-5018
The is_asn1 function in strongSwan 4.1.11 up to and including 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote malicious users to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identity, or (3) PE...
Strongswan Strongswan 4.1.11
Strongswan Strongswan 5.0.2
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.0.3
Strongswan Strongswan 5.0.4
Strongswan Strongswan 5.0.0
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 11.4
NA
CVE-2013-2054
Buffer overflow in the atodn function in strongSwan 2.0.0 up to and including 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote malicious users to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via ...
Strongswan Strongswan 2.4.3
Strongswan Strongswan 2.5.7
Strongswan Strongswan 2.4.2
Strongswan Strongswan 4.1.8
Strongswan Strongswan 4.1.11
Strongswan Strongswan 2.6.16
Strongswan Strongswan 2.5.3
Strongswan Strongswan 2.8.0
Strongswan Strongswan 4.2.6
Strongswan Strongswan 2.8.1
Strongswan Strongswan 2.4.4
Strongswan Strongswan 2.6.0
Strongswan Strongswan 2.3.0
Strongswan Strongswan 4.2.12
Strongswan Strongswan 4.1.1
Strongswan Strongswan 2.7.2
Strongswan Strongswan 4.2.10
Strongswan Strongswan 2.1.0
Strongswan Strongswan 2.1.5
Strongswan Strongswan 2.0.2
Strongswan Strongswan 2.8.9
Strongswan Strongswan 2.8.8
NA
CVE-2013-2944
strongSwan 4.3.5 up to and including 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote malicious users to authenticate as other users via an invalid signature.
Strongswan Strongswan 4.3.7
Strongswan Strongswan 4.5.3
Strongswan Strongswan 4.5.2
Strongswan Strongswan 5.0.1
Strongswan Strongswan 4.4.0
Strongswan Strongswan 4.5.1
Strongswan Strongswan 4.3.5
Strongswan Strongswan 4.6.4
Strongswan Strongswan 4.6.2
Strongswan Strongswan 4.6.1
Strongswan Strongswan 5.0.2
Strongswan Strongswan 4.3.6
Strongswan Strongswan 4.6.0
Strongswan Strongswan 4.6.3
Strongswan Strongswan 5.0.0
Strongswan Strongswan 4.4.1
Strongswan Strongswan 4.5.0
NA
CVE-2012-2388
The GMP Plugin in strongSwan 4.2.0 up to and including 4.6.3 allows remote malicious users to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
Strongswan Strongswan 4.2.16
Strongswan Strongswan 4.2.9
Strongswan Strongswan 4.2.6
Strongswan Strongswan 4.2.15
Strongswan Strongswan 4.2.1
Strongswan Strongswan 4.3.2
Strongswan Strongswan 4.6.0
Strongswan Strongswan 4.6.1
Strongswan Strongswan 4.4.1
Strongswan Strongswan 4.2.11
Strongswan Strongswan 4.2.10
Strongswan Strongswan 4.2.5
Strongswan Strongswan 4.2.0
Strongswan Strongswan 4.3.5
Strongswan Strongswan 4.4.0
Strongswan Strongswan 4.5.1
Strongswan Strongswan 4.5.0
Strongswan Strongswan 4.2.13
Strongswan Strongswan 4.2.12
Strongswan Strongswan 4.2.3
Strongswan Strongswan 4.2.4
Strongswan Strongswan 4.3.4
NA
CVE-2010-2628
The IKE daemon in strongSwan 4.3.x prior to 4.3.7 and 4.4.x prior to 4.4.1 does not properly check the return values of snprintf calls, which allows remote malicious users to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers buffer overflows.
Strongswan Strongswan 4.3.3
Strongswan Strongswan 4.3.4
Strongswan Strongswan 4.3.5
Strongswan Strongswan 4.3.0
Strongswan Strongswan 4.3.1
Strongswan Strongswan 4.3.2
Strongswan Strongswan 4.3.6
Strongswan Strongswan 4.4.0
NA
CVE-2009-2661
The asn1_length function in strongSwan 2.8 prior to 2.8.11, 4.2 prior to 4.2.17, and 4.3 prior to 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote malicious users to cause a denial of service (pluto IKE daemon...
Strongswan Strongswan 2.8.5
Strongswan Strongswan 2.8.6
Strongswan Strongswan 4.2.12
Strongswan Strongswan 4.2.0
Strongswan Strongswan 2.8.10
Strongswan Strongswan 4.2.16
Strongswan Strongswan 2.8.3
Strongswan Strongswan 2.8.4
Strongswan Strongswan 4.2.13
Strongswan Strongswan 4.2.14
Strongswan Strongswan 4.3.1
Strongswan Strongswan 4.3.2
Strongswan Strongswan 2.8.1
Strongswan Strongswan 2.8.2
Strongswan Strongswan 4.2.3
Strongswan Strongswan 4.2.15
Strongswan Strongswan 4.2.10
Strongswan Strongswan 4.3.0
Strongswan Strongswan 2.8.0
Strongswan Strongswan 2.8.7
Strongswan Strongswan 2.8.8
Strongswan Strongswan 4.2.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »