CVE-2013-6467

Libreswan 3.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.

Published: Jan 26, 2014
Updated: Apr 13, 2023
CVE: CVE-2013-6467
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
libreswan / libreswan	3.0	3.0.x
libreswan / libreswan	3.1	3.1.x
libreswan / libreswan	3.4	3.4.x
libreswan / libreswan	-	3.7.x
libreswan / libreswan	3.6	3.6.x
libreswan / libreswan	3.5	3.5.x
libreswan / libreswan	3.2	3.2.x
libreswan / libreswan	3.3	3.3.x

http://osvdb.org/102172
http://secunia.com/advisories/56420
http://www.securityfocus.com/bid/64987
https://exchange.xforce.ibmcloud.com/vulnerabilities/90522
https://libreswan.org/security/CVE-2013-6467/CVE-2013-6467.txt

Vulnerability Database

289,697

CVE-2013-6467