Download
| Alert*
oval:org.secpod.oval:def:47604
strongswan: IPsec VPN solution Several security issues were fixed in strongSwan. oval:org.secpod.oval:def:51021 strongswan: IPsec VPN solution Several security issues were fixed in strongSwan. oval:org.secpod.oval:def:53353 Two vulnerabilities were discovered in strongSwan, an IKE/IPsec suite. CVE-2018-5388 The stroke plugin did not verify the message length when reading from its control socket. This vulnerability could lead to denial of service. On Debian write access to the socket requires root permission on default ... oval:org.secpod.oval:def:53432 Google"s OSS-Fuzz revealed an exploitable bug in the gmp plugin caused by the patch that fixes CVE-2018-16151 and CVE-2018-16151 . An attacker could trigger it using crafted certificates with RSA keys with very small moduli. Verifying signatures with such keys would cause an integer underflow and su ... oval:org.secpod.oval:def:115241 The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel. oval:org.secpod.oval:def:51132 strongswan: IPsec VPN solution strongSwan could be made to crash or run programs if it received specially crafted network traffic. |