CVE-2015-3240 in Libreswaninfo

Summary

The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service (assertion failure and daemon restart) via a zero DH g^x value in a KE payload in a IKE packet.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

04/10/2015

Disclosure

11/09/2015

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
79096Libreswan/Openswan Pluto IKE numeric error189Not definedOfficial fixCVE-2015-3240

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!