Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
strongswan strongswan 5.0.1 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-2891
strongSwan prior to 5.1.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.
Debian Strongswan
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.1.0
Strongswan Strongswan 5.0.3
Strongswan Strongswan 5.0.4
Strongswan Strongswan 5.0.2
Strongswan Strongswan
Strongswan Strongswan 5.0.0
4.9
CVSSv2
CVE-2013-2944
strongSwan 4.3.5 up to and including 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote malicious users to authenticate as other users via an invalid signature.
Strongswan Strongswan 4.3.7
Strongswan Strongswan 4.5.3
Strongswan Strongswan 4.5.2
Strongswan Strongswan 5.0.1
Strongswan Strongswan 4.4.0
Strongswan Strongswan 4.5.1
Strongswan Strongswan 4.3.5
Strongswan Strongswan 4.6.4
Strongswan Strongswan 4.6.2
Strongswan Strongswan 4.6.1
Strongswan Strongswan 5.0.2
Strongswan Strongswan 4.3.6
Strongswan Strongswan 4.6.0
Strongswan Strongswan 4.6.3
Strongswan Strongswan 5.0.0
Strongswan Strongswan 4.4.1
Strongswan Strongswan 4.5.0
4.3
CVSSv2
CVE-2013-5018
The is_asn1 function in strongSwan 4.1.11 up to and including 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote malicious users to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identity, or (3) PE...
Strongswan Strongswan 4.1.11
Strongswan Strongswan 5.0.2
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.0.3
Strongswan Strongswan 5.0.4
Strongswan Strongswan 5.0.0
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 11.4
5
CVSSv2
CVE-2013-6075
The compare_dn function in utils/identification.c in strongSwan 4.3.3 up to and including 5.1.1 allows (1) remote malicious users to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitra...
Strongswan Strongswan 4.3.6
Strongswan Strongswan 4.3.7
Strongswan Strongswan 4.4.0
Strongswan Strongswan 4.4.1
Strongswan Strongswan 4.5.0
Strongswan Strongswan 5.0.4
Strongswan Strongswan 5.1.0
Strongswan Strongswan 4.3.4
Strongswan Strongswan 4.5.1
Strongswan Strongswan 4.5.3
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.0.3
Strongswan Strongswan 4.6.1
Strongswan Strongswan 4.6.2
Strongswan Strongswan 4.6.3
Strongswan Strongswan 4.6.4
Strongswan Strongswan 4.3.3
Strongswan Strongswan 4.3.5
Strongswan Strongswan 4.5.2
Strongswan Strongswan 4.6.0
Strongswan Strongswan 5.0.0
Strongswan Strongswan 5.0.2
5
CVSSv2
CVE-2014-9221
strongSwan 4.5.x up to and including 5.2.x prior to 5.2.1 allows remote malicious users to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025.
Strongswan Strongswan 5.1.2
Strongswan Strongswan 4.5.3
Strongswan Strongswan 4.5.2
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.1.0
Strongswan Strongswan 4.5.1
Strongswan Strongswan 5.2.0
Strongswan Strongswan 5.1.3
Strongswan Strongswan 4.6.4
Strongswan Strongswan 4.6.2
Strongswan Strongswan 5.1.1
Strongswan Strongswan 5.0.3
Strongswan Strongswan 5.0.4
Strongswan Strongswan 4.6.1
Strongswan Strongswan 5.0.2
Strongswan Strongswan 4.6.0
Strongswan Strongswan 4.6.3
Strongswan Strongswan 5.0.0
Strongswan Strongswan 4.5.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 14.10
5
CVSSv2
CVE-2015-8023
The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 up to and including 5.x prior to 5.3.4 does not properly validate local state, which allows remote malicious users to bypass authentication via an empty Success message in respo...
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Strongswan Strongswan 5.2.3
Strongswan Strongswan 4.3.7
Strongswan Strongswan 4.2.12
Strongswan Strongswan 5.1.2
Strongswan Strongswan 4.2.16
Strongswan Strongswan 4.5.3
Strongswan Strongswan 4.5.2
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.3.2
Strongswan Strongswan 4.4.0
Strongswan Strongswan 5.2.2
Strongswan Strongswan 5.1.0
Strongswan Strongswan 4.5.1
Strongswan Strongswan 4.2.14
Strongswan Strongswan 4.3.5
Strongswan Strongswan 5.2.0
Strongswan Strongswan 5.1.3
Strongswan Strongswan 4.3.2
Strongswan Strongswan 4.6.4
2.6
CVSSv2
CVE-2015-4171
strongSwan 4.3.0 up to and including 5.x prior to 5.3.2 and strongSwan VPN Client prior to 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, whi...
Strongswan Strongswan Vpn Client
Debian Debian Linux 8.0
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Strongswan Strongswan 4.3.0
Strongswan Strongswan 4.3.7
Strongswan Strongswan 4.4.0
Strongswan Strongswan 4.6.1
Strongswan Strongswan 4.6.2
Strongswan Strongswan 5.1.0
Strongswan Strongswan 5.1.1
Strongswan Strongswan 5.3.0
Strongswan Strongswan 5.3.1
Strongswan Strongswan 4.3.3
Strongswan Strongswan 4.3.4
Strongswan Strongswan 4.5.1
Strongswan Strongswan 4.5.2
Strongswan Strongswan 5.0.0
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.2.0
Strongswan Strongswan 5.2.1
6.4
CVSSv2
CVE-2014-2338
IKEv2 in strongSwan 4.0.7 prior to 5.1.3 allows remote malicious users to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.
Strongswan Strongswan 5.1.2
Strongswan Strongswan 5.1.1
Strongswan Strongswan 4.6.0
Strongswan Strongswan 4.6.1
Strongswan Strongswan 4.5.3
Strongswan Strongswan 4.4.0
Strongswan Strongswan 5.0.1
Strongswan Strongswan 5.0.2
Strongswan Strongswan 4.6.4
Strongswan Strongswan 4.5.0
Strongswan Strongswan 4.3.2
Strongswan Strongswan 4.3.3
Strongswan Strongswan 4.2.10
Strongswan Strongswan 4.2.11
Strongswan Strongswan 4.3.6
Strongswan Strongswan 4.3.7
Strongswan Strongswan 4.2.14
Strongswan Strongswan 4.2.15
Strongswan Strongswan 4.2.7
Strongswan Strongswan 4.2.8
Strongswan Strongswan 4.2.9
Strongswan Strongswan 4.1.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started