CVE-2013-6076

Опубликовано: 02 нояб. 2013

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and charon daemon crash) via a crafted IKEv1 fragmentation packet.

Комментарий

CWE-476: NULL Pointer Dereference per http://cwe.mitre.org/data/definitions/476.html

Ссылки

http://www.strongswan.org/blog/2013/11/01/strongswan-denial-of-service-vulnerability-%28cve-2013-6076%29.html
Patch
Vendor Advisory
http://www.strongswan.org/blog/2013/11/01/strongswan-denial-of-service-vulnerability-%28cve-2013-6076%29.html
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:strongswan:strongswan:5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:strongswan:strongswan:5.0.3:*:*:*:*:*:*:*

cpe:2.3:a:strongswan:strongswan:5.0.4:*:*:*:*:*:*:*

cpe:2.3:a:strongswan:strongswan:5.1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00403

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2013-6076

ubuntu

больше 12 лет назад

strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and charon daemon crash) via a crafted IKEv1 fragmentation packet.

CVE-2013-6076

redhat

больше 12 лет назад

strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and charon daemon crash) via a crafted IKEv1 fragmentation packet.

CVE-2013-6076

debian

больше 12 лет назад

strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a deni ...

GHSA-499g-gpw8-wmq3

github

больше 3 лет назад

strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and charon daemon crash) via a crafted IKEv1 fragmentation packet.

EPSS

Процентиль: 60%

0.00403

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other