Download
| Alert*
oval:org.secpod.oval:def:89045998
This update for strongswan fixes the following issues: - CVE-2018-16151: Fixed flaws in gmp plugin that could lead to authorization bypass. - CVE-2018-16152: Fixed flaws in gmp plugin that could lead to authorization bypass. - CVE-2018-17540: Fixed insufficient input validation in gmp plugin. - C ... oval:org.secpod.oval:def:89003278 This update for strongswan provides the following fixes: Security issues fixed: - CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker with local user credentials to resource exhaustion and denial of service while reading from the socket . - CVE-2018-10811: Fixed a denial of ... oval:org.secpod.oval:def:89050393 This update for strongswan fixes the following issues: Strongswan was updated to version 5.8.2 . Security issue fixed: - CVE-2018-6459: Fixed a DoS vulnerability in the parser for PKCS#1 RSASSA-PSS signatures that was caused by insufficient input validation . Full changelogs: Version 5.8.2 * Identit ... oval:org.secpod.oval:def:89050895 This update for strongswan fixes the following issues: Security issues fixed: - CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker with local user credentials to resource exhaustion and denial of service while reading from the socket . - CVE-2018-10811: Fixed a denial of se ... oval:org.secpod.oval:def:1801193 The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate, the vulnerability was introduced with the patch that fixes CVE-2018-16151/2. oval:org.secpod.oval:def:1801196 The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate, the vulnerability was introduced with the patch that fixes CVE-2018-16151/2. oval:org.secpod.oval:def:1801197 The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate, the vulnerability was introduced with the patch that fixes CVE-2018-16151/2. oval:org.secpod.oval:def:1801189 The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate, the vulnerability was introduced with the patch that fixes CVE-2018-16151/2. oval:org.secpod.oval:def:53432 Google"s OSS-Fuzz revealed an exploitable bug in the gmp plugin caused by the patch that fixes CVE-2018-16151 and CVE-2018-16151 . An attacker could trigger it using crafted certificates with RSA keys with very small moduli. Verifying signatures with such keys would cause an integer underflow and su ... oval:org.secpod.oval:def:603537 Google"s OSS-Fuzz revealed an exploitable bug in the gmp plugin caused by the patch that fixes CVE-2018-16151 and CVE-2018-16151 . An attacker could trigger it using crafted certificates with RSA keys with very small moduli. Verifying signatures with such keys would cause an integer underflow and su ... oval:org.secpod.oval:def:51132 strongswan: IPsec VPN solution strongSwan could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:704327 strongswan: IPsec VPN solution strongSwan could be made to crash or run programs if it received specially crafted network traffic. |