rpm package
opensuse/strongswan&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/strongswan&distro=openSUSE%20Tumbleweed
Vulnerabilities (26)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2013-6075 | — | | | < 5.3.5-1.1 | 5.3.5-1.1 | Nov 2, 2013 | The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitrary users and bypas |
| CVE-2013-5018 | — | | | < 5.3.5-1.1 | 5.3.5-1.1 | Aug 28, 2013 | The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identity, or (3) PEM encoded file tha |
| CVE-2013-2944 | — | | | < 5.3.5-1.1 | 5.3.5-1.1 | May 2, 2013 | strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature. |
| CVE-2012-2388 | — | | | < 5.3.5-1.1 | 5.3.5-1.1 | Jun 27, 2012 | The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability." |
| CVE-2009-0790 | — | | | < 5.3.5-1.1 | 5.3.5-1.1 | Apr 1, 2009 | The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK D |
| CVE-2026-47895 | — | | | < 6.0.7-1.1 | 6.0.7-1.1 | — | strongSwan could be made to crash or run programs if it received specially crafted network traffic. |