PT-2015-6117 · Libreswan+4

Paul Wouters · Published 2015-11-03 · Updated 2023-02-13 · CVE-2015-3240

CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions
libreswan versions prior to 3.15
Openswan versions prior to 2.6.45

Description
The issue allows remote attackers to cause a denial of service through an assertion failure and daemon restart. It is triggered by a zero DH g^x value in a KE payload within an IKE packet. The affected software must be built with NSS for this issue to be exploitable.

Recommendations
For libreswan versions prior to 3.15, update to version 3.15 or later.
For Openswan versions prior to 2.6.45, update to version 2.6.45 or later.
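
The kind of input validation the description points to, as an added example (not libreswan or Openswan code, and not the upstream fix): checking a MODP Diffie-Hellman public value taken from a KE payload before any DH computation, and returning an error instead of asserting. It goes beyond the zero case on this page to the general range test 1 < g^x < p-1 described in RFC 6989; the function name, the enum and the toy 16-bit modulus are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example; names are hypothetical, not libreswan/Openswan identifiers. */
enum ke_check { KE_OK = 0, KE_BAD_INPUT, KE_ZERO_OR_ONE, KE_TOO_LARGE };

/* Constructed sample data: toy prime p = 257 and an all-zero g^x. */
static const uint8_t TOY_P[2]   = { 0x01, 0x01 };
static const uint8_t ZERO_GX[2] = { 0x00, 0x00 };

/*
 * gx: Key Exchange Data from the KE payload (big-endian).
 * p:  prime modulus of the negotiated MODP group (big-endian, odd).
 * Accepts only 1 < gx < p-1, with gx padded to the modulus length.
 * Not constant-time; gx is a public value taken off the wire.
 */
enum ke_check ke_check_public_value(const uint8_t *gx, size_t gx_len,
                                    const uint8_t *p, size_t p_len)
{
    uint8_t high = 0;
    size_t i;

    if (gx == NULL || p == NULL || p_len == 0 || gx_len != p_len ||
        (p[p_len - 1] & 1) == 0)
        return KE_BAD_INPUT;
    /* OR of every byte but the last: 0 means gx fits in its final byte. */
    for (i = 0; i + 1 < gx_len; i++)
        high |= gx[i];
    if (high == 0 && gx[gx_len - 1] <= 1)
        return KE_ZERO_OR_ONE;          /* the zero g^x case, plus g^x = 1 */
    /* Compare gx with p-1; p is odd, so p-1 differs only in the last byte. */
    for (i = 0; i < p_len; i++) {
        uint8_t pm1 = (i + 1 == p_len) ? (uint8_t)(p[i] - 1) : p[i];
        if (gx[i] < pm1)
            return KE_OK;
        if (gx[i] > pm1)
            return KE_TOO_LARGE;
    }
    return KE_TOO_LARGE;                /* gx == p-1 */
}

int main(void)
{
    printf("zero g^x -> %d\n", ke_check_public_value(ZERO_GX, 2, TOY_P, 2));
    return 0;
}
```

A caller would treat any result other than `KE_OK` as a malformed packet and drop the exchange, so hostile input never reaches an assertion.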

Fix

DoS

Weakness Enumeration

Related Identifiers

CESA-2015_1979
CVE-2015-3240
RHSA-2015:1979
RHSA-2015_1979

Affected Products

CentOS
NSS
Openswan
Red Hat
Libreswan