Download
| Alert*
oval:org.secpod.oval:def:89003278
This update for strongswan provides the following fixes: Security issues fixed: - CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker with local user credentials to resource exhaustion and denial of service while reading from the socket . - CVE-2018-10811: Fixed a denial of ... oval:org.secpod.oval:def:89050393 This update for strongswan fixes the following issues: Strongswan was updated to version 5.8.2 . Security issue fixed: - CVE-2018-6459: Fixed a DoS vulnerability in the parser for PKCS#1 RSASSA-PSS signatures that was caused by insufficient input validation . Full changelogs: Version 5.8.2 * Identit ... oval:org.secpod.oval:def:89050895 This update for strongswan fixes the following issues: Security issues fixed: - CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker with local user credentials to resource exhaustion and denial of service while reading from the socket . - CVE-2018-10811: Fixed a denial of se ... oval:org.secpod.oval:def:1801005 A flaw was found in strongSwan VPN"s charon server prior to version 5.6.3. In stroke_socket.c, a missing packet length check could allow a integer underflow, which may lead to resource exhaustion and denial of service while reading from the socket. A remote attacker with local user credentials may ... oval:org.secpod.oval:def:47604 strongswan: IPsec VPN solution Several security issues were fixed in strongSwan. oval:org.secpod.oval:def:114563 The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel. oval:org.secpod.oval:def:51021 strongswan: IPsec VPN solution Several security issues were fixed in strongSwan. oval:org.secpod.oval:def:53353 Two vulnerabilities were discovered in strongSwan, an IKE/IPsec suite. CVE-2018-5388 The stroke plugin did not verify the message length when reading from its control socket. This vulnerability could lead to denial of service. On Debian write access to the socket requires root permission on default ... oval:org.secpod.oval:def:114595 The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel. oval:org.secpod.oval:def:115241 The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel. oval:org.secpod.oval:def:603432 Two vulnerabilities were discovered in strongSwan, an IKE/IPsec suite. CVE-2018-5388 The stroke plugin did not verify the message length when reading from its control socket. This vulnerability could lead to denial of service. On Debian write access to the socket requires root permission on default ... |