Download
| Alert*
|
oval:org.secpod.oval:def:89044633
This update for strongswan fixes the following issues: - CVE-2017-9022: Insufficient Input Validation in gmp Plugin leads to Denial of service - CVE-2017-9023: Incorrect x509 ASN.1 parser error handling could lead to Denial of service oval:org.secpod.oval:def:89044856 This update for strongswan fixes the following issues: - CVE-2017-9022: Insufficient Input Validation in gmp Plugin leads to Denial of service - CVE-2017-9023: Incorrect x509 ASN.1 parser error handling could lead to Denial of service - IKEv1 protocol is vulnerable to DoS amplification attack oval:org.secpod.oval:def:1800749 CVE-2017-9022: Insufficient validation of RSA public keys passed to the gmp plugin. RSA public keys passed to the gmp plugin aren"t validated sufficiently before attempting signature verification, so that invalid input might lead to a floating point exception and crash of the process. A certificate ... oval:org.secpod.oval:def:1800890 CVE-2017-9022: Insufficient validation of RSA public keys passed to the gmp plugin; RSA public keys passed to the gmp plugin aren"t validated sufficiently before attempting signature verification, so that invalid input might lead to a floating point exception and crash of the process. A certificate ... oval:org.secpod.oval:def:602911 Two denial of service vulnerabilities were identified in strongSwan, an IKE/IPsec suite, using Google"s OSS-Fuzz fuzzing project. CVE-2017-9022 RSA public keys passed to the gmp plugin aren"t validated sufficiently before attempting signature verification, so that invalid input might lead to a float ... oval:org.secpod.oval:def:703629 strongswan: IPsec VPN solution strongSwan could be made to crash or hang if it received specially crafted network traffic. oval:org.secpod.oval:def:1800503 CVE-2017-9022: Insufficient validation of RSA public keys passed to the gmp plugin RSA public keys passed to the gmp plugin aren"t validated sufficiently before attempting signature verification, so that invalid input might lead to a floating point exception and crash of the process. A certificate w ... oval:org.secpod.oval:def:51805 strongswan: IPsec VPN solution strongSwan could be made to crash or hang if it received specially crafted network traffic. |
