xelerance openswan vulnerabilities and exploits
312
VMScore
CVE-2019-10155
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This is...
Strongswan Strongswan
Libreswan Libreswan
Xelerance Openswan
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Redhat Enterprise Linux 8.0
445
VMScore
CVE-2018-15836
In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan prior to 2.6.50.1, the RSA implementation does not verify the value of padding string during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are...
Xelerance Openswan
445
VMScore
CVE-2014-2037
Openswan 2.6.40 allows remote malicious users to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6466.
Xelerance Openswan 2.6.40
445
VMScore
CVE-2011-3380
Openswan 2.6.29 up to and including 2.6.35 allows remote malicious users to cause a denial of service (NULL pointer dereference and pluto IKE daemon crash) via an ISAKMP message with an invalid KEY_LENGTH attribute, which is not properly handled by the error handling function.
Xelerance Openswan 2.6.34
Xelerance Openswan 2.6.35
Xelerance Openswan 2.6.29
Xelerance Openswan 2.6.32
Xelerance Openswan 2.6.33
Xelerance Openswan 2.6.30
Xelerance Openswan 2.6.31
356
VMScore
CVE-2011-4073
Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 up to and including 2.6.36 allows remote authenticated users to cause a denial of service (pluto IKE daemon crash) via vectors related to the (1) quick_outI1_continue and (2) quick_ou...
Xelerance Openswan 2.4.2
Xelerance Openswan 2.4.10
Xelerance Openswan 2.4.4
Xelerance Openswan 2.5.0
Xelerance Openswan 2.5.12
Xelerance Openswan 2.5.13
Xelerance Openswan 2.5.14
Xelerance Openswan 2.5.15
Xelerance Openswan 2.6.09
Xelerance Openswan 2.6.10
Xelerance Openswan 2.6.11
Xelerance Openswan 2.6.12
Xelerance Openswan 2.6.27
Xelerance Openswan 2.6.30
Xelerance Openswan 2.6.26
Xelerance Openswan 2.6.25
Xelerance Openswan 2.4.5
Xelerance Openswan 2.4.3
Xelerance Openswan 2.4.6
Xelerance Openswan 2.4.7
Xelerance Openswan 2.5.04
Xelerance Openswan 2.5.05
578
VMScore
CVE-2010-3752
programs/pluto/xauth.c in the client in Openswan 2.6.25 up to and including 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in (1) cisco_dns_info or (2) cisco_domain_info data in a packet, a different vulnerability than CVE-2010-...
Xelerance Openswan 2.6.25
Xelerance Openswan 2.6.26
Xelerance Openswan 2.6.27
Xelerance Openswan 2.6.28
578
VMScore
CVE-2010-3753
programs/pluto/xauth.c in the client in Openswan 2.6.26 up to and including 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in the cisco_banner (aka server_banner) field, a different vulnerability than CVE-2010-3308.
Xelerance Openswan 2.6.27
Xelerance Openswan 2.6.28
Xelerance Openswan 2.6.26
578
VMScore
CVE-2010-3308
Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.26 up to and including 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via a long cisco_banner (aka server_banner) field.
Xelerance Openswan 2.6.26
Xelerance Openswan 2.6.27
Xelerance Openswan 2.6.28
578
VMScore
CVE-2010-3302
Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.25 up to and including 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via long (1) cisco_dns_info or (2) cisco_domain_info data in a packet.
Xelerance Openswan 2.6.25
Xelerance Openswan 2.6.26
Xelerance Openswan 2.6.27
Xelerance Openswan 2.6.28
445
VMScore
CVE-2009-2185
The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 prior to 2.8.10, 4.2 prior to 4.2.16, and 4.3 prior to 4.3.2; and (b) openSwan 2.6 prior to 2.6.22 and 2.4 prior to 2.4.15 allows remote malicious users to cause a d...
Strongswan Strongswan 2.8.6
Strongswan Strongswan 2.8.5
Strongswan Strongswan 4.2.6
Strongswan Strongswan 4.2.2
Strongswan Strongswan 4.2.13
Strongswan Strongswan 4.2.12
Strongswan Strongswan 2.8.9
Strongswan Strongswan 4.2.15
Xelerance Openswan 2.6.18
Xelerance Openswan 2.6.13
Xelerance Openswan 2.6.06
Xelerance Openswan 2.6.07
Xelerance Openswan 2.4.9
Xelerance Openswan 2.4.1
Strongswan Strongswan 2.8.2
Strongswan Strongswan 2.8.1
Strongswan Strongswan 4.2.5
Strongswan Strongswan 4.2.9
Strongswan Strongswan 4.2.10
Strongswan Strongswan 4.2.1
Xelerance Openswan 2.6.16
Xelerance Openswan 2.6.20