CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2023/10/31 2:20 a.m.•1 views

SUSE CVE-2023-2295

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

7.5CVSS7.7AI score0.04422EPSS

SUSE CVE•added 2023/10/31 2:19 a.m.•1 views

SUSE CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS6.9AI score0.00185EPSS

Microsoft CVE•added 2023/08/26 7:0 a.m.•2 views

An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1 an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.

...

6.5CVSS6.5AI score0.00062EPSS

Exploits0

ATTACKERKB•added 2023/08/25 9:15 p.m.•1 views

CVE-2023-38710

An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALIDSPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets...

6.5CVSS5.8AI score0.00062EPSS

Exploits0References3

6.5CVSS6.3AI score0.00107EPSS

DEBIAN-CVE-2023-38711

An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with IDIPV4ADDR or IDIPV6ADDR receives an IDcr payload with IDFQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6...

6.5CVSS6.3AI score0.00062EPSS

DEBIAN-CVE-2023-38710

ATTACKERKB•added 2023/08/25 9:15 p.m.•0 views

CVE-2023-38711

6.5CVSS5.8AI score0.00107EPSS

Exploits0References3

OSV•added 2023/08/25 9:15 p.m.•22 views

CVE-2023-38710

6.5CVSS7.3AI score0.00062EPSS

6.5CVSS6.3AI score0.00078EPSS

DEBIAN-CVE-2023-38712

An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state...

OSV•added 2023/08/25 9:15 p.m.•0 views

AZL-28066 CVE-2023-38712 affecting package libreswan for versions less than 4.7-5

6.5CVSS6.6AI score0.00078EPSS

ATTACKERKB•added 2023/08/25 9:15 p.m.•1 views

CVE-2023-38712

6.5CVSS5.8AI score0.00078EPSS

Exploits0References3