rpm package
suse/strongswan&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1
pkg:rpm/suse/strongswan&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-17540 | — | | | < 5.1.3-26.13.1 | 5.1.3-26.13.1 | Oct 3, 2018 | The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate. |
| CVE-2018-16152 | — | | | < 5.1.3-26.13.1 | 5.1.3-26.13.1 | Sep 26, 2018 | In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a re |
| CVE-2018-16151 | — | | | < 5.1.3-26.13.1 | 5.1.3-26.13.1 | Sep 26, 2018 | In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the |
| CVE-2018-10811 | — | | | < 5.1.3-26.13.1 | 5.1.3-26.13.1 | Jun 19, 2018 | strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable. |
| CVE-2018-5388 | — | | | < 5.1.3-26.13.1 | 5.1.3-26.13.1 | May 31, 2018 | In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket. |
| CVE-2015-8023 | — | | | < 5.1.3-22.1 | 5.1.3-22.1 | Nov 18, 2015 | The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers to bypass authentication via an empty Success message in response to an initial Ch |