The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Openswan

Libreswan: Man-in-the-Middle via IKEv1 Informational Exchange Packets
An attacker can act as a Man-in-the-Middle via IKEv1 Informational Exchange Packets on Libreswan, in order to read or write data in the session...
CVE-2019-10155, FEDORA-2019-f7fb531958, RHSA-2019:3391-01, VIGILANCE-VUL-29524
Openswan: memory leak
An attacker can create a memory leak in Openswan, in order to trigger a denial of service...
VIGILANCE-VUL-28737
Openswan: information disclosure via RSA Padding Attack
An attacker can bypass access restrictions to data via an RSA Padding Attack on Openswan, in order to obtain sensitive information...
CVE-2018-15836, VIGILANCE-VUL-27078
Openswan: denial of service via IKE Diffie-Hellman
An attacker can send a malicious IKE packet, to force an assertion error in a DH computation by Openswan, in order to trigger a denial of service...
CVE-2015-3240, RHSA-2015:1979-01, VIGILANCE-VUL-17774
TLS, SSH, VPN: weakening Diffie-Hellman via common primes
An attacker, positioned as a Man-in-the-Middle, can obtain the DH keys used by the TLS/SSH/VPN client/server, in order to more easily capture or alter exchanged data...
VIGILANCE-VUL-16951
Openswan: NULL pointer dereference via IKEv2
An attacker can dereference a NULL pointer via IKEv2 in Openswan, in order to trigger a denial of service...
BID-65629, CVE-2014-2037, VIGILANCE-VUL-14270
Libreswan, Openswan: NULL pointer dereference via IKEv2
An attacker can dereference a NULL pointer via IKEv2 in Libreswan or Openswan, in order to trigger a denial of service...
BID-65155, CVE-2013-6466, CVE-2013-6467, DSA-2893-1, FEDORA-2014-1092, FEDORA-2014-1121, RHSA-2014:0185-01, VIGILANCE-VUL-14149
Openswan: buffer overflow of atodn
When Opportunistic Encryption is enabled ("oe=yes"), an attacker can generate a buffer overflow in Openswan, in order to trigger a denial of service, and possibly to execute code...
BID-59838, CVE-2013-2053, DSA-2893-1, MDVSA-2013:231, RHSA-2013:0827-01, SUSE-SU-2013:1150-1, VIGILANCE-VUL-12828
Openswan: denial of service via Crypto Helper
When Openswan uses a Crypto Helper, a remote attacker can interrupt an IKE session, in order to stop the pluto daemon...
BID-50440, CVE-2011-4073, DSA-2374-1, FEDORA-2011-15077, FEDORA-2011-15127, FEDORA-2011-15196, MDVSA-2013:231, RHSA-2011:1422-01, SUSE-SU-2011:1310-1, SUSE-SU-2011:1311-1, VIGILANCE-VUL-11112
Openswan: denial of service via KEY_LENGTH
An attacker can send an ISAKMP message with an invalid KEY_LENGTH attribute, in order to restart Openswan...
BID-49984, CVE-2011-3380, FEDORA-2011-13862, FEDORA-2011-13864, RHSA-2011:1356-01, VIGILANCE-VUL-11038