CVE-2015-3204

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2015-3204
libreswan 3.9 through 3.12 allows remote attackers to cause a denial of service (daemon restart) via an IKEv1 packet with (1) unassigned bits set in the IPSEC DOI value or (2) the next payload value set to ISAKMP_NEXT_SAK.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://rhn.redhat.com/errata/RHSA-2015-1154.html
http://www.securityfocus.com/bid/75392
https://libreswan.org/security/CVE-2015-3204/CVE-2015-3204.txt Vendor Advisory
https://security.gentoo.org/glsa/201603-13
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:libreswan:libreswan:3.9:*:*:*:*:*:*:*
cpe:2.3:a:libreswan:libreswan:3.10:*:*:*:*:*:*:*
cpe:2.3:a:libreswan:libreswan:3.11:*:*:*:*:*:*:*
cpe:2.3:a:libreswan:libreswan:3.12:*:*:*:*:*:*:*
History

13 Feb 2023, 00:48

Type Values Removed Values Added
References
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=1223361', 'name': 'https://bugzilla.redhat.com/show_bug.cgi?id=1223361', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2015:1154', 'name': 'https://access.redhat.com/errata/RHSA-2015:1154', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://libreswan.org/security/CVE-2015-3204/CVE-2015-3204-libreswan.patch', 'name': 'https://libreswan.org/security/CVE-2015-3204/CVE-2015-3204-libreswan.patch', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/security/cve/CVE-2015-3204', 'name': 'https://access.redhat.com/security/cve/CVE-2015-3204', 'tags': [], 'refsource': 'MISC'}
Summary A flaw was discovered in the way Libreswan's IKE daemon processed certain IKEv1 payloads. A remote attacker could send specially crafted IKEv1 payloads that, when processed, would lead to a denial of service (daemon crash). libreswan 3.9 through 3.12 allows remote attackers to cause a denial of service (daemon restart) via an IKEv1 packet with (1) unassigned bits set in the IPSEC DOI value or (2) the next payload value set to ISAKMP_NEXT_SAK.

02 Feb 2023, 20:20

Type Values Removed Values Added
Summary libreswan 3.9 through 3.12 allows remote attackers to cause a denial of service (daemon restart) via an IKEv1 packet with (1) unassigned bits set in the IPSEC DOI value or (2) the next payload value set to ISAKMP_NEXT_SAK. A flaw was discovered in the way Libreswan's IKE daemon processed certain IKEv1 payloads. A remote attacker could send specially crafted IKEv1 payloads that, when processed, would lead to a denial of service (daemon crash).
References
  • (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1223361 -
  • (MISC) https://access.redhat.com/errata/RHSA-2015:1154 -
  • (MISC) https://libreswan.org/security/CVE-2015-3204/CVE-2015-3204-libreswan.patch -
  • (MISC) https://access.redhat.com/security/cve/CVE-2015-3204 -
Information

Published : 2015-07-01 14:59

Updated : 2023-12-10 11:46

NVD link : CVE-2015-3204

Mitre link : CVE-2015-3204

CVE.ORG link : CVE-2015-3204

JSON object : View

Products Affected

libreswan

  • libreswan
CWE
CWE-20

Improper Input Validation