CVE-2015-3240

EUVD-2015-3296
The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service (assertion failure and daemon restart) via a zero DH g^x value in a KE payload in a IKE packet.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
Affected Products (NVD)
VendorProductVersion
libreswanlibreswan
3.14
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libreswan
bookworm
4.10-2+deb12u1
fixed
bullseye
4.3-1+deb11u4
fixed
bullseye (security)
4.3-1+deb11u3
fixed
sid
4.14-1.1
fixed
trixie
4.14-1.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libreswan
artful
not-affected
bionic
not-affected
cosmic
not-affected
disco
not-affected
precise
dne
trusty
dne
vivid
dne
wily
dne
xenial
dne
yakkety
dne
zesty
not-affected
openswan
artful
dne
bionic
dne
cosmic
dne
disco
dne
precise
ignored
trusty
dne
vivid
dne
wily
dne
xenial
dne
yakkety
dne
zesty
dne
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2015-1979.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/77536
http://www.securitytracker.com/id/1033418
https://libreswan.org/security/CVE-2015-3240/CVE-2015-3240.txt
https://lists.openswan.org/pipermail/users/2015-August/023401.html
https://security.gentoo.org/glsa/201603-13
http://rhn.redhat.com/errata/RHSA-2015-1979.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/77536
http://www.securitytracker.com/id/1033418
https://libreswan.org/security/CVE-2015-3240/CVE-2015-3240.txt
https://lists.openswan.org/pipermail/users/2015-August/023401.html
https://security.gentoo.org/glsa/201603-13