Strongswan

strongswan

Vendor: Strongswan • 37 CVEs

CVEs (37)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-9221 5Canonical DebianFedoraproject+2 more 5Debian Linux FedoraOpensuse+2 more May 6, 2026 Jan 7, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025.
CVE-2014-2891 2Debian Strongswan 2Strongswan Strongswan May 6, 2026 May 7, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.
CVE-2014-2338 1Strongswan 1Strongswan May 6, 2026 Apr 16, 2014 N/A· v4 N/A· v3 6.4 MEDIUM· v2 IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.
CVE-2013-6076 1Strongswan 1Strongswan Apr 29, 2026 Nov 2, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and charon daemon crash) via a crafted IKEv1 fragmentation packet.
CVE-2013-6075 1Strongswan 1Strongswan Apr 29, 2026 Nov 2, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote...Show more The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitrary users and bypass access restrictions via a crafted ID_DER_ASN1_DN ID, related to an "insufficient length check" during identity comparison.Show less
CVE-2013-5018 2Opensuse Strongswan 2Opensuse Strongswan Apr 29, 2026 Aug 28, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) X...Show more The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identity, or (3) PEM encoded file that starts with a 0x04, 0x30, or 0x31 character followed by an ASN.1 length value that triggers an integer overflow.Show less
CVE-2013-2054 1Strongswan 1Strongswan Apr 29, 2026 Jul 9, 2013 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash...Show more Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2053 and CVE-2013-2054.Show less
CVE-2013-2944 1Strongswan 1Strongswan Apr 29, 2026 May 2, 2013 N/A· v4 N/A· v3 4.9 MEDIUM· v2 strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.
CVE-2012-2388 1Strongswan 1Strongswan Apr 29, 2026 Jun 27, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
CVE-2010-2628 1Strongswan 1Strongswan Apr 29, 2026 Aug 20, 2010 N/A· v4 N/A· v3 7.5 HIGH· v2 The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (...Show more The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers buffer overflows.Show less
CVE-2009-2661 1Strongswan 1Strongswan Apr 23, 2026 Aug 4, 2009 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote attacker...Show more The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote attackers to cause a denial of service (pluto IKE daemon crash) via malformed ASN.1 data. NOTE: this is due to an incomplete fix for CVE-2009-2185.Show less
CVE-2009-2185 2Strongswan Xelerance 2Openswan Strongswan Apr 23, 2026 Jun 25, 2009 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before...Show more The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash) via an X.509 certificate with (1) crafted Relative Distinguished Names (RDNs), (2) a crafted UTCTIME string, or (3) a crafted GENERALIZEDTIME string.Show less
CVE-2009-1958 1Strongswan 1Strongswan Apr 23, 2026 Jun 8, 2009 N/A· v4 N/A· v3 5.0 MEDIUM· v2 charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE_AUTH request without...Show more charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE_AUTH request without a (1) TSi or (2) TSr traffic selector.Show less
CVE-2009-1957 1Strongswan 1Strongswan Apr 23, 2026 Jun 8, 2009 N/A· v4 N/A· v3 5.0 MEDIUM· v2 charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid IKE_SA_INIT request that triggers "an incomplete...Show more charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid IKE_SA_INIT request that triggers "an incomplete state," followed by a CREATE_CHILD_SA request.Show less
CVE-2009-0790 2Strongswan Xelerance 2Openswan Strongswan Apr 23, 2026 Apr 1, 2009 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and...Show more The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK Dead Peer Detection (DPD) IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD.Show less
CVE-2008-4551 1Strongswan 1Strongswan Apr 23, 2026 Oct 14, 2008 N/A· v4 N/A· v3 5.0 MEDIUM· v2 strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via an IKE_SA_INIT message with a large number of NULL values in a Key Exchange payload, which triggers a NULL pointer dere...Show more strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via an IKE_SA_INIT message with a large number of NULL values in a Key Exchange payload, which triggers a NULL pointer dereference for the return value of the mpz_export function in the GNU Multiprecision Library (GMP).Show less
CVE-2004-0590 3Frees Wan OpenswanStrongswan 4Frees Wan OpenswanStrongswan+1 more Apr 16, 2026 Dec 6, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS...Show more FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject.Show less

Previous 12