- EPSS 2.45%
- Veröffentlicht 26.01.2014 20:55:05
- Zuletzt bearbeitet 29.04.2026 01:13:23
Libreswan 3.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.
- EPSS 2.55%
- Veröffentlicht 16.01.2014 05:05:26
- Zuletzt bearbeitet 29.04.2026 01:13:23
The ikev2parent_inI1outR1 function in pluto/ikev2_parent.c in libreswan before 3.7 allows remote attackers to cause a denial of service (restart) via an IKEv2 I1 notification without a KE payload.
CVE-2013-7283
- EPSS 1.63%
- Veröffentlicht 09.01.2014 18:07:29
- Zuletzt bearbeitet 29.04.2026 01:13:23
Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has unspecified impact and attack vectors, involving the /var/tmp/libreswan-nss-pwd temporary file.
- EPSS 2.64%
- Veröffentlicht 07.01.2014 17:04:51
- Zuletzt bearbeitet 29.04.2026 01:13:23
Libreswan 3.6 allows remote attackers to cause a denial of service (crash) via a small length value and (1) no version or (2) an invalid major number in an IKE packet.
CVE-2013-2052
- EPSS 1.75%
- Veröffentlicht 09.07.2013 17:55:00
- Zuletzt bearbeitet 29.04.2026 01:13:23
Buffer overflow in the atodn function in libreswan 3.0 and 3.1, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code v...