Thursday, January 27, 2022

Ubuntu: (Multiple Advisories) (CVE-2021-45079): strongSwan vulnerability

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.From USN-5250-2:USN-5250-1 fixed a vulnerability in strongSwan. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.Original advisory details:Zhuowei Zhang discovered that stringSwan incorrectly handled EAP authentication. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly bypass client and server authentication.
  • ubuntu-upgrade-5-1-2-0ubuntu2-11-esm2
  • ubuntu-upgrade-5-3-5-1ubuntu3-8-esm2
  • ubuntu-upgrade-available
  • ubuntu-upgrade-desktop
  • ubuntu-upgrade-infra
  • ubuntu-upgrade-libstrongswan
  • ubuntu-upgrade-strongswan
  • ubuntu-upgrade-ua

  • References
  • USN-5250-1
  • USN-5250-2
  • CVE-2021-45079


    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore