Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Strongswan Subscribe
Filtered by product Strongswan
Total 34 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-2891 2 Debian, Strongswan 2 Strongswan, Strongswan 2018-08-13 5.0 MEDIUM N/A
strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.
CVE-2015-8023 2 Canonical, Strongswan 2 Ubuntu Linux, Strongswan 2018-08-13 5.0 MEDIUM N/A
The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers to bypass authentication via an empty Success message in response to an initial Challenge message.
CVE-2017-11185 1 Strongswan 1 Strongswan 2018-08-13 5.0 MEDIUM 7.5 HIGH
The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.
CVE-2015-4171 3 Canonical, Debian, Strongswan 4 Ubuntu Linux, Debian Linux, Strongswan and 1 more 2017-11-07 2.6 LOW N/A
strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.
CVE-2012-2388 1 Strongswan 1 Strongswan 2017-08-28 7.5 HIGH N/A
The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
CVE-2004-0590 3 Frees Wan, Openswan, Strongswan 4 Frees Wan, Super Frees Wan, Openswan and 1 more 2017-07-10 10.0 HIGH N/A
FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject.
CVE-2014-2338 1 Strongswan 1 Strongswan 2016-11-28 6.4 MEDIUM N/A
IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.
CVE-2013-6075 1 Strongswan 1 Strongswan 2013-11-21 5.0 MEDIUM N/A
The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitrary users and bypass access restrictions via a crafted ID_DER_ASN1_DN ID, related to an "insufficient length check" during identity comparison.
CVE-2013-6076 1 Strongswan 1 Strongswan 2013-11-21 5.0 MEDIUM N/A
strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and charon daemon crash) via a crafted IKEv1 fragmentation packet.
CVE-2008-4551 1 Strongswan 1 Strongswan 2011-03-07 5.0 MEDIUM N/A
strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via an IKE_SA_INIT message with a large number of NULL values in a Key Exchange payload, which triggers a NULL pointer dereference for the return value of the mpz_export function in the GNU Multiprecision Library (GMP).
CVE-2010-2628 1 Strongswan 1 Strongswan 2010-08-23 7.5 HIGH N/A
The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers buffer overflows.
CVE-2009-2661 1 Strongswan 1 Strongswan 2009-11-23 5.0 MEDIUM N/A
The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote attackers to cause a denial of service (pluto IKE daemon crash) via malformed ASN.1 data. NOTE: this is due to an incomplete fix for CVE-2009-2185.
CVE-2009-1958 1 Strongswan 1 Strongswan 2009-10-13 5.0 MEDIUM N/A
charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE_AUTH request without a (1) TSi or (2) TSr traffic selector.
CVE-2009-1957 1 Strongswan 1 Strongswan 2009-10-13 5.0 MEDIUM N/A
charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid IKE_SA_INIT request that triggers "an incomplete state," followed by a CREATE_CHILD_SA request.