CyberSec.Space Logo
Back to CVE Browser

CVE-2015-3204

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.1230%
EPSS Percentile27.01th
PublishedJul 1, 2015
Last ModifiedMay 6, 2026

Vulnerability Description

libreswan 3.9 through 3.12 allows remote attackers to cause a denial of service (daemon restart) via an IKEv1 packet with (1) unassigned bits set in the IPSEC DOI value or (2) the next payload value set to ISAKMP_NEXT_SAK.

Affected Platforms (CPE)

πŸ“¦
Libreswan

Libreswan

= 3.9
πŸ“¦
Libreswan

Libreswan

= 3.10
πŸ“¦
Libreswan

Libreswan

= 3.11
πŸ“¦
Libreswan

Libreswan

= 3.12

References & Advisories

πŸ”— http://rhn.redhat.com/errata/RHSA-2015-1154.html
πŸ”— http://www.securityfocus.com/bid/75392
πŸ”— https://libreswan.org/security/CVE-2015-3204/CVE-2015-3204.txt
πŸ”— https://security.gentoo.org/glsa/201603-13
πŸ”— http://rhn.redhat.com/errata/RHSA-2015-1154.html
πŸ”— http://www.securityfocus.com/bid/75392
πŸ”— https://libreswan.org/security/CVE-2015-3204/CVE-2015-3204.txt
πŸ”— https://security.gentoo.org/glsa/201603-13

Related Vulnerabilities

CVE-2013-72839.3

Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has unspecifie...

CVE-2020-17637.5

An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticate...

CVE-2019-123127.5

In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference ...

CVE-2016-30717.5

Libreswan 3.16 might allow remote attackers to cause a denial of service (daemon restart) via an IKEv2 aes_xcbc transform.