Multiple vulnerabilities in libreswan
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2013-6467 CVE-2013-7283 CVE-2013-4564 |
| CWE-ID | CWE-20 CWE-362 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
libreswan Universal components / Libraries / Libraries used by multiple products |
| Vendor | libreswan.org |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU42103
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-6467
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows remote attackers to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.
MitigationInstall update from vendor's website.
Vulnerable software versionslibreswan: 3.0 - 3.6
CPE2.3- cpe:2.3:a:libreswan.org:libreswan:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:libreswan.org:libreswan:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:libreswan.org:libreswan:3.2:*:*:*:*:*:*:*
https://osvdb.org/102172
https://secunia.com/advisories/56420
https://www.securityfocus.com/bid/64987
https://exchange.xforce.ibmcloud.com/vulnerabilities/90522
https://libreswan.org/security/CVE-2013-6467/CVE-2013-6467.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Race condition
EUVDB-ID: #VU42171
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2013-7283
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has unspecified impact and attack vectors, involving the /var/tmp/libreswan-nss-pwd temporary file.
MitigationInstall update from vendor's website.
Vulnerable software versionslibreswan: 3.6
CPE2.3 External linkshttps://secunia.com/advisories/56276
https://www.osvdb.org/101575
https://github.com/libreswan/libreswan/commit/ef2d756e73a188401c36133c2e2f7ce4f3c6ae55
https://lists.libreswan.org/pipermail/swan-announce/2013/000007.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Input validation error
EUVDB-ID: #VU42179
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-4564
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
Libreswan 3.6 allows remote attackers to cause a denial of service (crash) via a small length value and (1) no version or (2) an invalid major number in an IKE packet.
MitigationInstall update from vendor's website.
Vulnerable software versionslibreswan: 3.6
CPE2.3 External linkshttps://lists.fedoraproject.org/pipermail/package-announce/2013-December/124911.html
https://lists.fedoraproject.org/pipermail/package-announce/2013-December/124928.html
https://lists.fedoraproject.org/pipermail/package-announce/2013-December/124943.html
https://secunia.com/advisories/56276
https://libreswan.org/security/CVE-2013-4564/CVE-2013-4564.txt.asc
https://lists.libreswan.org/pipermail/swan-announce/2013/000007.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
