CVE-2016-3071
Libreswan 3.16 might allow remote attackers to cause a denial of service (daemon restart) via an IKEv2 aes_xcbc transform.
| Software | From | Fixed in |
|---|---|---|
| libreswan / libreswan | 3.16 | 3.16.x |
| fedoraproject / fedora | 24 | 24.x |
| fedoraproject / fedora | 23 | 23.x |
- http://download.libreswan.org/CHANGES
- http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182050.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182130.html
- http://www.securityfocus.com/bid/87295
- https://libreswan.org/security/CVE-2016-3071/CVE-2016-3071.txt
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime