Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Strongswan vunberability
« previous
next »
Print
Pages: [
1
]
Author
Topic: Strongswan vunberability (Read 570 times)
walkerx
Full Member
Posts: 103
Karma: 4
Strongswan vunberability
«
on:
March 05, 2023, 01:02:13 pm »
So I've upgraded from 22 to 23 and says on latest version 23.1.1_2 yet when checking security audit under updates it's still returning the following
***GOT REQUEST TO AUDIT SECURITY***
Currently running OPNsense 23.1.1_2 at Sun Mar 5 11:50:38 GMT 2023
vulnxml file up-to-date
strongswan-5.9.9_1 is vulnerable:
strongSwan -- certificate verification vulnerability
CVE: CVE-2023-26463
WWW:
https://vuxml.FreeBSD.org/freebsd/3f9b6943-ba58-11ed-bbbd-00e0670f2660.html
1 problem(s) in 1 installed package(s) found.
***DONE***
the vunerability reports the following
A vulnerability related to certificate verification in TLS-based EAP methods was discovered in strongSwan that results in a denial of service but possibly even remote code execution. Versions 5.9.8 and 5.9.9 may be affected.
If we don't use the vpn's within OpnSense, do we need to be worried
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Strongswan vunberability