Vulnerabilities > CVE-2015-3240 - Numeric Errors vulnerability in Libreswan 3.14

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service (assertion failure and daemon restart) via a zero DH g^x value in a KE payload in a IKE packet.

Vulnerable Configurations

Part Description Count
Application
Libreswan
1

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-1979.NASL
    descriptionUpdated libreswan packages that fix one security issue, several bugs, and add several enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Libreswan is an implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN). A flaw was discovered in the way Libreswan
    last seen2020-06-01
    modified2020-06-02
    plugin id86744
    published2015-11-05
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86744
    titleRHEL 7 : libreswan (RHSA-2015:1979)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-1979.NASL
    descriptionFrom Red Hat Security Advisory 2015:1979 : Updated libreswan packages that fix one security issue, several bugs, and add several enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Libreswan is an implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN). A flaw was discovered in the way Libreswan
    last seen2020-06-01
    modified2020-06-02
    plugin id86715
    published2015-11-04
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86715
    titleOracle Linux 7 : libreswan (ELSA-2015-1979)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20151104_LIBRESWAN_ON_SL7_X.NASL
    descriptionA flaw was discovered in the way Libreswan
    last seen2020-03-18
    modified2015-11-05
    plugin id86749
    published2015-11-05
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86749
    titleScientific Linux Security Update : libreswan on SL7.x x86_64 (20151104)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-1979.NASL
    descriptionUpdated libreswan packages that fix one security issue, several bugs, and add several enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Libreswan is an implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN). A flaw was discovered in the way Libreswan
    last seen2020-06-01
    modified2020-06-02
    plugin id86711
    published2015-11-04
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86711
    titleCentOS 7 : libreswan (CESA-2015:1979)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201603-13.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201603-13 (Libreswan: Multiple Vulnerabilities) The pluto IKE daemon in Libreswan, when built with NSS, allows remote attackers to cause a Denial of Service (assertion failure and daemon restart) via a zero DH g^x value in a KE payload in a IKE packet. Additionally, remote attackers could cause a Denial of Service (daemon restart) via an IKEv1 packet with (1) unassigned bits set in the IPSEC DOI value or (2) the next payload value set to ISAKMP_NEXT_SAK. Impact : Remote attackers could possibly cause Denial of Service. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id89906
    published2016-03-14
    reporterThis script is Copyright (C) 2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/89906
    titleGLSA-201603-13 : Libreswan: Multiple Vulnerabilities

Redhat

advisories
bugzilla
id1273719
titlelibreswan FIPS test mistakenly looks for non-existent file hashes and reports FIPS failure
oval
OR
  • commentRed Hat Enterprise Linux must be installed
    ovaloval:com.redhat.rhba:tst:20070304026
  • AND
    • commentRed Hat Enterprise Linux 7 is installed
      ovaloval:com.redhat.rhba:tst:20150364027
    • commentlibreswan is earlier than 0:3.15-5.el7_1
      ovaloval:com.redhat.rhsa:tst:20151979001
    • commentlibreswan is signed with Red Hat redhatrelease2 key
      ovaloval:com.redhat.rhsa:tst:20151154002
rhsa
idRHSA-2015:1979
released2015-11-04
severityModerate
titleRHSA-2015:1979: libreswan security and enhancement update (Moderate)
rpms
  • libreswan-0:3.15-5.ael7b_1
  • libreswan-0:3.15-5.el7_1
  • libreswan-debuginfo-0:3.15-5.ael7b_1
  • libreswan-debuginfo-0:3.15-5.el7_1