You are here

CVE-2013-4564

Vincent (CVE) Danen's picture
Libreswan 3.6 allows remote attackers to cause a denial of service (crash) via a small length value and (1) no version or (2) an invalid major number in an IKE packet.

Details Source

Mitre

Public Date

2013-11-18 00:00:00

Impact

Moderate

Bugzilla

CVE-2013-4564 libreswan: DoS due to how mangled IKE packets are handled

Bugzilla ID

1 031 830

CVSS Status

draft

Base Score

4.30

Base Metrics

AV:N/AC:M/Au:N/C:N/I:N/A:P

External References

https://libreswan.org/security/CVE-2013-4564/CVE-2013-4564.txt.asc

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 7 libreswan Not affected