CVE-2015-4047

racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon crash via a series of crafted UDP requests...

Debian: Security Advisory (DSA-3272-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2015-4047

racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon crash via a series of crafted UDP requests...

IPsec Tools denial of service 0day vulnerabilities detail report-vulnerability warning-the black bar safety net

IPsec-tools recently exposed a denial of service 0day vulnerabilities, and the Internet has appeared the use of the program. You may be questioning the vulnerability does not even reach a moderate vulnerability rating, but remember that IPsec is critical infrastructure, and this attack requires...

FreeBSD : ipsec-tools -- Memory leak leading to denial of service (35431f79-fe3e-11e4-ba63-000c292ee6b8)

Javantea reports : It is a null dereference crash, leading to denial of service against the IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidrine...

ipsec-tools -- Memory leak leading to denial of service

Javantea reports: It is a null dereference crash, leading to denial of service against the IKE daemon...

Medium: kernel

Issue Overview: A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use this flaw to crash, or potentially escalate their privileges on, a...

RHEL 7 : kernel (RHSA-2015:0987)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

RHEL 6 : MRG (RHSA-2015:0989)

Updated kernel-rt packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which giv...

Kernel: crypto: buffer overruns in RFC4106 implementation using AESNI

A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use this flaw to crash, or potentially escalate their privileges on, a system over a...

Important: Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

Updated kernel-rt packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which giv...

Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the ipsec-tools-0.3.3 package of the CentOS operating system may lead to a violation of the accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...

Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the ipsec-tools-0.6.5 package for the CentOS operating system can be exploited, leading to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the ipsec-tools-0.2.5 package for the CentOS operating system may lead to a violation of the accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...

Vulnerabilities of the Gentoo Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the ipsec-tools package up to version 0.3.3 of the Gentoo Linux operating system can be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Gentoo Linux operating system, which allow a remote attacker to compromise the accessibility of protected information

Multiple vulnerabilities exist in the ipsec-tools package up to version 0.7.1 of the Gentoo Linux operating system. Exploitation of these vulnerabilities may lead to the compromise of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Gentoo Linux operating system, which allow a remote attacker to compromise the accessibility of protected information

Multiple vulnerabilities exist in the ipsec-tools package up to version 0.7.2 of the Gentoo Linux operating system. Exploitation of these vulnerabilities may lead to the compromise of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the ipsec-tools-0.2.5 package for the Red Hat Enterprise Linux operating system may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the ipsec-tools-0.6.5 package for the Red Hat Enterprise Linux operating system can lead to a violation of the accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...

Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the ipsec-tools-0.3.3 package of the Red Hat Enterprise Linux operating system can be exploited, leading to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...