programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed UDP packet. NOTE: the original behavior complies with the IKEv1 protocol, but has a required security update from the libreswan vendor; as of 2016-06-10, it is expected that several other IKEv1 implementations will have vendor-required security updates, with separate CVE IDs assigned to each.
Max CVSS
7.5
EPSS Score
0.91%
Published
2016-06-16
Updated
2017-01-18
Libreswan 3.16 might allow remote attackers to cause a denial of service (daemon restart) via an IKEv2 aes_xcbc transform.
Max CVSS
7.5
EPSS Score
0.54%
Published
2016-04-18
Updated
2017-02-07
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!