CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38712 – libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart
https://notcve.org/view.php?id=CVE-2023-38712
25 Aug 2023 — An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart. Se ha descubierto un problema en Libreswan 3.x y 4.x antes de 4.12. Cuando un paquete IKEv1 ISAKMP SA Informational Exchange contiene una carga útil Delete/Notify seguid... • https://github.com/libreswan/libreswan/tags • CWE-476: NULL Pointer Dereference •
CVSS: 3.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-10155 – libreswan: vulnerability in the processing of IKEv1 informational packets due to missing integrity check
https://notcve.org/view.php?id=CVE-2019-10155
12 Jun 2019 — The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29. Se ha encontrado una vulnerabilidad en el proyecto The Libreswan en el procesador de IKEv1 Los paquetes de intercambio informativo IKEv1 que están cifrados y protegidos por integridad utilizando las... • https://access.redhat.com/errata/RHSA-2019:3391 • CWE-354: Improper Validation of Integrity Check Value •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-12312 – libreswan: null-pointer dereference by sending two IKEv2 packets
https://notcve.org/view.php?id=CVE-2019-12312
24 May 2019 — In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference by initiating an IKEv2 IKE_SA_INIT exchange, followed by a bogus INFORMATIONAL exchange instead of the normallly expected IKE_AUTH exchange. This affects send_v2N_spi_response_from_state() in programs/pluto/ikev2_send.c that will then trigger a NULL pointer dereference leading to a restart of libreswan. En Libreswan versión anterior a 3.28, un fallo de aserción puede llevar a un ... • http://www.iwantacve.cn/index.php/archives/218 • CWE-476: NULL Pointer Dereference CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-5391
https://notcve.org/view.php?id=CVE-2016-5391
13 Jun 2017 — libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon restart). Libreswan anterior a la 3.18 permite a un atacante remoto provocar una denegación de servicio (desreferencia a un puntero NULL y reinicio del daemon pluto). • https://bugzilla.redhat.com/show_bug.cgi?id=1356183 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2016-5361 – IKEv1 protocol is vulnerable to DoS amplification attack
https://notcve.org/view.php?id=CVE-2016-5361
16 Jun 2016 — programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed UDP packet. NOTE: the original behavior complies with the IKEv1 protocol, but has a required security update from the libreswan vendor; as of 2016-06-10, it is expected that several other IKEv1 implementations will have vendor-required security updates, with separate CVE IDs assigned to each. programs/pluto/ikev1.c en libres... • http://rhn.redhat.com/errata/RHSA-2016-2603.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2013-6467
https://notcve.org/view.php?id=CVE-2013-6467
26 Jan 2014 — Libreswan 3.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. Libreswan v3.7 y anteriores permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo y reinicio del demonio IKE) a través de paquetes IKEv2 que cuenten con payloads esperados. • http://osvdb.org/102172 •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2013-7294
https://notcve.org/view.php?id=CVE-2013-7294
16 Jan 2014 — The ikev2parent_inI1outR1 function in pluto/ikev2_parent.c in libreswan before 3.7 allows remote attackers to cause a denial of service (restart) via an IKEv2 I1 notification without a KE payload. La función ikev2parent_inI1outR1 en pluto/ikev2_parent.c de libreswan antes de 3.7 permite a atacantes remotos provocar una denegación de servicio (reinicio) a través de una notificación por IKEv2 I1 sin datos KE. • http://secunia.com/advisories/56276 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2013-2052
https://notcve.org/view.php?id=CVE-2013-2052
09 Jul 2013 — Buffer overflow in the atodn function in libreswan 3.0 and 3.1, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2053 and CVE-2013-2054. Desbordamiento de buffer en la función atodn en libreswan v3.0 y v3.1, cuando está activada Opportunistic Encryptiony se usa una clave RSA, permite a los a... • https://libreswan.org/security/CVE-2013-2052/CVE-2013-2052.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •