Libreswan

Libreswan

25 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 1.61%
  • Veröffentlicht 21.02.2023 16:15:11
  • Zuletzt bearbeitet 17.03.2025 17:15:15

Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length.

Exploit
  • EPSS 2.7%
  • Veröffentlicht 15.01.2022 02:15:06
  • Zuletzt bearbeitet 21.11.2024 06:47:58

Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6.

  • EPSS 3.29%
  • Veröffentlicht 12.05.2020 14:15:12
  • Zuletzt bearbeitet 21.11.2024 05:11:20

An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The...

  • EPSS 0.51%
  • Veröffentlicht 12.06.2019 14:29:02
  • Zuletzt bearbeitet 21.11.2024 04:18:32

The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check v...

Exploit
  • EPSS 2.75%
  • Veröffentlicht 24.05.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:22:36

In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference by initiating an IKEv2 IKE_SA_INIT exchange, followed by a bogus INFORMATIONAL exchange instead of the normallly expecte...

  • EPSS 3.01%
  • Veröffentlicht 13.06.2017 17:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon restart).

  • EPSS 2.77%
  • Veröffentlicht 16.06.2016 14:59:51
  • Zuletzt bearbeitet 06.05.2026 22:30:45

programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed UDP packet. NOTE: the original behavior complies with the IKEv1 ...

  • EPSS 2.56%
  • Veröffentlicht 18.04.2016 14:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Libreswan 3.16 might allow remote attackers to cause a denial of service (daemon restart) via an IKEv2 aes_xcbc transform.

  • EPSS 2.77%
  • Veröffentlicht 09.11.2015 16:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service (assertion failure and daemon restart) via a zero DH g^x value in a KE payload in a IKE packet.

  • EPSS 2.6%
  • Veröffentlicht 01.07.2015 14:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

libreswan 3.9 through 3.12 allows remote attackers to cause a denial of service (daemon restart) via an IKEv1 packet with (1) unassigned bits set in the IPSEC DOI value or (2) the next payload value set to ISAKMP_NEXT_SAK.