VYPR

rpm package

suse/strongswan&distro=SUSE Linux Enterprise Desktop 12 SP2

pkg:rpm/suse/strongswan&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2

Vulnerabilities (3)

  • CVE-2017-11185HigAug 18, 2017
    affected < 5.1.3-26.5.1fixed 5.1.3-26.5.1

    The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.

  • CVE-2017-9023HigJun 8, 2017
    affected < 5.1.3-25.1fixed 5.1.3-25.1

    The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.

  • CVE-2017-9022HigJun 8, 2017
    affected < 5.1.3-25.1fixed 5.1.3-25.1

    The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate.