Lines 1-3
Link Here
|
|
|
1 |
<vuln vid="ccaea96b-7dcd-11ec-93df-00224d821998"> |
2 |
<topic>strongswan - Incorrect Handling of Early EAP-Success Messages</topic> |
3 |
<affects> |
4 |
<package> |
5 |
<name>strongswan</name> |
6 |
<range><lt>5.9.5</lt></range> |
7 |
</package> |
8 |
</affects> |
9 |
<description> |
10 |
<body xmlns="http://www.w3.org/1999/xhtml"> |
11 |
<p>Strongswan Release Notes reports:</p> |
12 |
<blockquote cite="https://github.com/strongswan/strongswan/releases/tag/5.9.5"> |
13 |
<p>Fixed a vulnerability in the EAP client implementation that was caused by incorrectly handling early EAP-Success messages. It may allow to bypass the client and in some scenarios even the server authentication, or could lead to a denial-of-service attack. This vulnerability has been registered as CVE-2021-45079.</p> |
14 |
</blockquote> |
15 |
</body> |
16 |
</description> |
17 |
<references> |
18 |
<cvename>CVE-2021-45079</cvename> |
19 |
<url>https://www.strongswan.org/blog/2022/01/24/strongswan-vulnerability-(cve-2021-45079).html</url> |
20 |
</references> |
21 |
<dates> |
22 |
<discovery>2021-12-16</discovery> |
23 |
<entry>2022-01-25</entry> |
24 |
</dates> |
25 |
</vuln> |
26 |
|
1 |
<vuln vid="309c35f4-7c9f-11ec-a739-206a8a720317"> |
27 |
<vuln vid="309c35f4-7c9f-11ec-a739-206a8a720317"> |
2 |
<topic>aide -- heap-based buffer overflow</topic> |
28 |
<topic>aide -- heap-based buffer overflow</topic> |
3 |
<affects> |
29 |
<affects> |