CVE-2013-6466
openswan: dereferencing missing IKEv2 payloads causes pluto daemon to restart
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.
Openswan v2.6.39 y anteriores permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo y reinicio del demonio IKE) a través de paquetes IKEv2 que cuenten con payloads esperados.
Openswan is a free implementation of Internet Protocol Security and Internet Key Exchange. IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. A NULL pointer dereference flaw was discovered in the way Openswan's IKE daemon processed IKEv2 payloads. A remote attacker could send specially crafted IKEv2 payloads that, when processed, would lead to a denial of service, possibly causing existing VPN connections to be dropped.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-11-04 CVE Reserved
- 2014-01-26 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/65155 | Vdb Entry | |
| https://cert.vde.com/en-us/advisories/vde-2017-001 | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/90524 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2014-0185.html | 2019-07-29 | |
| http://www.debian.org/security/2014/dsa-2893 | 2019-07-29 | |
| https://libreswan.org/security/CVE-2013-6467/CVE-2013-6467.txt | 2019-07-29 | |
| https://access.redhat.com/security/cve/CVE-2013-6466 | 2014-02-18 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1050277 | 2014-02-18 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | <= 2.6.39 Search vendor "Xelerance" for product "Openswan" and version " <= 2.6.39" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.3.0 Search vendor "Xelerance" for product "Openswan" and version "2.3.0" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.3.1 Search vendor "Xelerance" for product "Openswan" and version "2.3.1" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.4.0 Search vendor "Xelerance" for product "Openswan" and version "2.4.0" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.4.1 Search vendor "Xelerance" for product "Openswan" and version "2.4.1" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.4.2 Search vendor "Xelerance" for product "Openswan" and version "2.4.2" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.4.3 Search vendor "Xelerance" for product "Openswan" and version "2.4.3" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.4.4 Search vendor "Xelerance" for product "Openswan" and version "2.4.4" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.4.5 Search vendor "Xelerance" for product "Openswan" and version "2.4.5" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.4.6 Search vendor "Xelerance" for product "Openswan" and version "2.4.6" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.4.7 Search vendor "Xelerance" for product "Openswan" and version "2.4.7" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.4.8 Search vendor "Xelerance" for product "Openswan" and version "2.4.8" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.4.9 Search vendor "Xelerance" for product "Openswan" and version "2.4.9" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.4.10 Search vendor "Xelerance" for product "Openswan" and version "2.4.10" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.4.11 Search vendor "Xelerance" for product "Openswan" and version "2.4.11" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.4.12 Search vendor "Xelerance" for product "Openswan" and version "2.4.12" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.4.13 Search vendor "Xelerance" for product "Openswan" and version "2.4.13" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.0 Search vendor "Xelerance" for product "Openswan" and version "2.5.0" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.0 Search vendor "Xelerance" for product "Openswan" and version "2.5.0" | sbs4 |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.0 Search vendor "Xelerance" for product "Openswan" and version "2.5.0" | sbs5 |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.01 Search vendor "Xelerance" for product "Openswan" and version "2.5.01" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.02 Search vendor "Xelerance" for product "Openswan" and version "2.5.02" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.03 Search vendor "Xelerance" for product "Openswan" and version "2.5.03" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.04 Search vendor "Xelerance" for product "Openswan" and version "2.5.04" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.05 Search vendor "Xelerance" for product "Openswan" and version "2.5.05" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.06 Search vendor "Xelerance" for product "Openswan" and version "2.5.06" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.07 Search vendor "Xelerance" for product "Openswan" and version "2.5.07" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.08 Search vendor "Xelerance" for product "Openswan" and version "2.5.08" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.09 Search vendor "Xelerance" for product "Openswan" and version "2.5.09" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.10 Search vendor "Xelerance" for product "Openswan" and version "2.5.10" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.11 Search vendor "Xelerance" for product "Openswan" and version "2.5.11" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.12 Search vendor "Xelerance" for product "Openswan" and version "2.5.12" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.13 Search vendor "Xelerance" for product "Openswan" and version "2.5.13" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.14 Search vendor "Xelerance" for product "Openswan" and version "2.5.14" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.15 Search vendor "Xelerance" for product "Openswan" and version "2.5.15" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.16 Search vendor "Xelerance" for product "Openswan" and version "2.5.16" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.17 Search vendor "Xelerance" for product "Openswan" and version "2.5.17" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.5.18 Search vendor "Xelerance" for product "Openswan" and version "2.5.18" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.01 Search vendor "Xelerance" for product "Openswan" and version "2.6.01" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.02 Search vendor "Xelerance" for product "Openswan" and version "2.6.02" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.03 Search vendor "Xelerance" for product "Openswan" and version "2.6.03" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.04 Search vendor "Xelerance" for product "Openswan" and version "2.6.04" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.05 Search vendor "Xelerance" for product "Openswan" and version "2.6.05" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.06 Search vendor "Xelerance" for product "Openswan" and version "2.6.06" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.07 Search vendor "Xelerance" for product "Openswan" and version "2.6.07" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.08 Search vendor "Xelerance" for product "Openswan" and version "2.6.08" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.09 Search vendor "Xelerance" for product "Openswan" and version "2.6.09" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.10 Search vendor "Xelerance" for product "Openswan" and version "2.6.10" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.11 Search vendor "Xelerance" for product "Openswan" and version "2.6.11" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.12 Search vendor "Xelerance" for product "Openswan" and version "2.6.12" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.13 Search vendor "Xelerance" for product "Openswan" and version "2.6.13" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.14 Search vendor "Xelerance" for product "Openswan" and version "2.6.14" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.15 Search vendor "Xelerance" for product "Openswan" and version "2.6.15" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.16 Search vendor "Xelerance" for product "Openswan" and version "2.6.16" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.17 Search vendor "Xelerance" for product "Openswan" and version "2.6.17" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.18 Search vendor "Xelerance" for product "Openswan" and version "2.6.18" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.19 Search vendor "Xelerance" for product "Openswan" and version "2.6.19" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.20 Search vendor "Xelerance" for product "Openswan" and version "2.6.20" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.21 Search vendor "Xelerance" for product "Openswan" and version "2.6.21" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.22 Search vendor "Xelerance" for product "Openswan" and version "2.6.22" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.23 Search vendor "Xelerance" for product "Openswan" and version "2.6.23" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.24 Search vendor "Xelerance" for product "Openswan" and version "2.6.24" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.25 Search vendor "Xelerance" for product "Openswan" and version "2.6.25" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.26 Search vendor "Xelerance" for product "Openswan" and version "2.6.26" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.27 Search vendor "Xelerance" for product "Openswan" and version "2.6.27" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.28 Search vendor "Xelerance" for product "Openswan" and version "2.6.28" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.29 Search vendor "Xelerance" for product "Openswan" and version "2.6.29" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.30 Search vendor "Xelerance" for product "Openswan" and version "2.6.30" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.31 Search vendor "Xelerance" for product "Openswan" and version "2.6.31" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.32 Search vendor "Xelerance" for product "Openswan" and version "2.6.32" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.33 Search vendor "Xelerance" for product "Openswan" and version "2.6.33" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.34 Search vendor "Xelerance" for product "Openswan" and version "2.6.34" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.35 Search vendor "Xelerance" for product "Openswan" and version "2.6.35" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.36 Search vendor "Xelerance" for product "Openswan" and version "2.6.36" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.37 Search vendor "Xelerance" for product "Openswan" and version "2.6.37" | - |
Affected
| ||||||
| Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.38 Search vendor "Xelerance" for product "Openswan" and version "2.6.38" | - |
Affected
| ||||||