CyberSec.Space Logo
Back to CVE Browser

CVE-2013-7283

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.1110%
EPSS Percentile29.14th
PublishedJan 9, 2014
Last ModifiedApr 29, 2026

Vulnerability Description

Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has unspecified impact and attack vectors, involving the /var/tmp/libreswan-nss-pwd temporary file.

Affected Platforms (CPE)

πŸ“¦
Libreswan

Libreswan

= 3.6

References & Advisories

πŸ”— http://secunia.com/advisories/56276
πŸ”— http://www.osvdb.org/101575
πŸ”— https://github.com/libreswan/libreswan/commit/ef2d756e73a188401c36133c2e2f7ce4f3c6ae55
πŸ”— https://lists.libreswan.org/pipermail/swan-announce/2013/000007.html
πŸ”— http://secunia.com/advisories/56276
πŸ”— http://www.osvdb.org/101575
πŸ”— https://github.com/libreswan/libreswan/commit/ef2d756e73a188401c36133c2e2f7ce4f3c6ae55
πŸ”— https://lists.libreswan.org/pipermail/swan-announce/2013/000007.html

Related Vulnerabilities

CVE-2016-30717.5

Libreswan 3.16 might allow remote attackers to cause a denial of service (daemon restart) via an IKEv2 aes_xcbc transform.

CVE-2020-17637.5

An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticate...

CVE-2019-123127.5

In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference ...

CVE-2016-53617.5

programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a ...