CVE-2015-4047
Severity Score
7.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
4
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
racoon/gssapi.c en IPsec-Tools 0.8.2 permite a atacantes remotos causar una denegación de servicios (referencia a puntero nulo y caída de demonio IKE) a través de una serie de solicitudes UDP manipuladas.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-05-20 CVE Reserved
- 2015-05-26 CVE Published
- 2024-03-18 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (13)
| URL | Tag | Source |
|---|---|---|
| http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html | Third Party Advisory |
|
| http://www.openwall.com/lists/oss-security/2015/05/21/11 | Mailing List |
|
| http://www.securityfocus.com/bid/74739 | Third Party Advisory | |
| http://www.securitytracker.com/id/1032397 | Third Party Advisory | |
| https://support.f5.com/csp/article/K05013313 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| http://seclists.org/fulldisclosure/2015/May/81 | 2024-08-06 | |
| http://seclists.org/fulldisclosure/2015/May/83 | 2024-08-06 | |
| http://www.openwall.com/lists/oss-security/2015/05/20/1 | 2024-08-06 | |
| https://www.altsci.com/ipsec/ipsec-tools-sa.html | 2024-08-06 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html | 2019-03-27 | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html | 2019-03-27 | |
| http://www.debian.org/security/2015/dsa-3272 | 2019-03-27 | |
| http://www.ubuntu.com/usn/USN-2623-1 | 2019-03-27 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ipsec-tools Search vendor "Ipsec-tools" | Ipsec-tools Search vendor "Ipsec-tools" for product "Ipsec-tools" | 0.8.2 Search vendor "Ipsec-tools" for product "Ipsec-tools" and version "0.8.2" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | lts |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 20 Search vendor "Fedoraproject" for product "Fedora" and version "20" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 21 Search vendor "Fedoraproject" for product "Fedora" and version "21" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager" | >= 11.4.0 <= 11.6.4 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 11.4.0 <= 11.6.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager" | >= 12.0.0 <= 12.1.4 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 12.0.0 <= 12.1.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager" | 13.0.0 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version "13.0.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Local Traffic Manager Search vendor "F5" for product "Big-ip Local Traffic Manager" | >= 11.0.0 <= 11.6.4 Search vendor "F5" for product "Big-ip Local Traffic Manager" and version " >= 11.0.0 <= 11.6.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Local Traffic Manager Search vendor "F5" for product "Big-ip Local Traffic Manager" | >= 12.0.0 <= 12.1.4 Search vendor "F5" for product "Big-ip Local Traffic Manager" and version " >= 12.0.0 <= 12.1.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Local Traffic Manager Search vendor "F5" for product "Big-ip Local Traffic Manager" | 13.0.0 Search vendor "F5" for product "Big-ip Local Traffic Manager" and version "13.0.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Advanced Firewall Manager Search vendor "F5" for product "Big-ip Advanced Firewall Manager" | >= 11.3.0 <= 11.6.4 Search vendor "F5" for product "Big-ip Advanced Firewall Manager" and version " >= 11.3.0 <= 11.6.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Advanced Firewall Manager Search vendor "F5" for product "Big-ip Advanced Firewall Manager" | >= 12.0.0 <= 12.1.4 Search vendor "F5" for product "Big-ip Advanced Firewall Manager" and version " >= 12.0.0 <= 12.1.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Advanced Firewall Manager Search vendor "F5" for product "Big-ip Advanced Firewall Manager" | 13.0.0 Search vendor "F5" for product "Big-ip Advanced Firewall Manager" and version "13.0.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Analytics Search vendor "F5" for product "Big-ip Analytics" | >= 11.0.0 <= 11.6.4 Search vendor "F5" for product "Big-ip Analytics" and version " >= 11.0.0 <= 11.6.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Analytics Search vendor "F5" for product "Big-ip Analytics" | >= 12.0.0 <= 12.1.4 Search vendor "F5" for product "Big-ip Analytics" and version " >= 12.0.0 <= 12.1.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Analytics Search vendor "F5" for product "Big-ip Analytics" | 13.0.0 Search vendor "F5" for product "Big-ip Analytics" and version "13.0.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager" | >= 11.0.0 <= 11.6.4 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 11.0.0 <= 11.6.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager" | >= 12.0.0 <= 12.1.4 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 12.0.0 <= 12.1.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager" | 13.0.0 Search vendor "F5" for product "Big-ip Access Policy Manager" and version "13.0.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Application Security Manager Search vendor "F5" for product "Big-ip Application Security Manager" | >= 11.0.0 <= 11.6.4 Search vendor "F5" for product "Big-ip Application Security Manager" and version " >= 11.0.0 <= 11.6.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Application Security Manager Search vendor "F5" for product "Big-ip Application Security Manager" | >= 12.0.0 <= 12.1.4 Search vendor "F5" for product "Big-ip Application Security Manager" and version " >= 12.0.0 <= 12.1.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Application Security Manager Search vendor "F5" for product "Big-ip Application Security Manager" | 13.0.0 Search vendor "F5" for product "Big-ip Application Security Manager" and version "13.0.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Domain Name System Search vendor "F5" for product "Big-ip Domain Name System" | >= 12.0.0 <= 12.1.4 Search vendor "F5" for product "Big-ip Domain Name System" and version " >= 12.0.0 <= 12.1.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Domain Name System Search vendor "F5" for product "Big-ip Domain Name System" | 13.0.0 Search vendor "F5" for product "Big-ip Domain Name System" and version "13.0.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Edge Gateway Search vendor "F5" for product "Big-ip Edge Gateway" | >= 11.0.0 <= 11.3.0 Search vendor "F5" for product "Big-ip Edge Gateway" and version " >= 11.0.0 <= 11.3.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Global Traffic Manager Search vendor "F5" for product "Big-ip Global Traffic Manager" | >= 11.0.0 <= 11.6.4 Search vendor "F5" for product "Big-ip Global Traffic Manager" and version " >= 11.0.0 <= 11.6.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller" | >= 11.0.0 <= 11.6.4 Search vendor "F5" for product "Big-ip Link Controller" and version " >= 11.0.0 <= 11.6.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller" | >= 12.0.0 <= 12.1.4 Search vendor "F5" for product "Big-ip Link Controller" and version " >= 12.0.0 <= 12.1.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller" | 13.0.0 Search vendor "F5" for product "Big-ip Link Controller" and version "13.0.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Policy Enforcement Manager Search vendor "F5" for product "Big-ip Policy Enforcement Manager" | >= 11.3.0 <= 11.6.4 Search vendor "F5" for product "Big-ip Policy Enforcement Manager" and version " >= 11.3.0 <= 11.6.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Policy Enforcement Manager Search vendor "F5" for product "Big-ip Policy Enforcement Manager" | >= 12.0.0 <= 12.1.4 Search vendor "F5" for product "Big-ip Policy Enforcement Manager" and version " >= 12.0.0 <= 12.1.4" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Policy Enforcement Manager Search vendor "F5" for product "Big-ip Policy Enforcement Manager" | 13.0.0 Search vendor "F5" for product "Big-ip Policy Enforcement Manager" and version "13.0.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Protocol Security Manager Search vendor "F5" for product "Big-ip Protocol Security Manager" | >= 11.0.0 <= 11.4.1 Search vendor "F5" for product "Big-ip Protocol Security Manager" and version " >= 11.0.0 <= 11.4.1" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Wan Optimization Manager Search vendor "F5" for product "Big-ip Wan Optimization Manager" | >= 11.0.0 <= 11.3.0 Search vendor "F5" for product "Big-ip Wan Optimization Manager" and version " >= 11.0.0 <= 11.3.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-ip Webaccelerator Search vendor "F5" for product "Big-ip Webaccelerator" | >= 11.0.0 <= 11.3.0 Search vendor "F5" for product "Big-ip Webaccelerator" and version " >= 11.0.0 <= 11.3.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-iq Adc Search vendor "F5" for product "Big-iq Adc" | 4.5.0 Search vendor "F5" for product "Big-iq Adc" and version "4.5.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-iq Centralized Management Search vendor "F5" for product "Big-iq Centralized Management" | 4.6.0 Search vendor "F5" for product "Big-iq Centralized Management" and version "4.6.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-iq Cloud Search vendor "F5" for product "Big-iq Cloud" | >= 4.0.0 <= 4.5.0 Search vendor "F5" for product "Big-iq Cloud" and version " >= 4.0.0 <= 4.5.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-iq Cloud And Orchestration Search vendor "F5" for product "Big-iq Cloud And Orchestration" | 1.0.0 Search vendor "F5" for product "Big-iq Cloud And Orchestration" and version "1.0.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-iq Device Search vendor "F5" for product "Big-iq Device" | >= 4.2.0 <= 4.5.0 Search vendor "F5" for product "Big-iq Device" and version " >= 4.2.0 <= 4.5.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Big-iq Security Search vendor "F5" for product "Big-iq Security" | >= 4.0.0 <= 4.5.0 Search vendor "F5" for product "Big-iq Security" and version " >= 4.0.0 <= 4.5.0" | - |
Affected
| ||||||
| F5 Search vendor "F5" | Enterprise Manager Search vendor "F5" for product "Enterprise Manager" | >= 3.0.0 <= 3.1.1 Search vendor "F5" for product "Enterprise Manager" and version " >= 3.0.0 <= 3.1.1" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||