{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-05-06T00:00:00", "descriptions": [{"lang": "en", "value": "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-03-26T14:06:07", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "DSA-3272", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2015/dsa-3272"}, {"name": "20150520 Re: 0-day Denial of Service in IPsec-Tools", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2015/May/83"}, {"name": "FEDORA-2015-8968", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"}, {"name": "20150519 0-day Denial of Service in IPsec-Tools", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2015/May/81"}, {"name": "FEDORA-2015-8948", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"}, {"name": "1032397", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1032397"}, {"name": "[oss-security] 20150519 CVE Request: ipsec-tools", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"}, {"name": "74739", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/74739"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"}, {"name": "USN-2623-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2623-1"}, {"name": "[oss-security] 20150521 Re: CVE Request: ipsec-tools", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K05013313"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-4047", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-3272", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3272"}, {"name": "20150520 Re: 0-day Denial of Service in IPsec-Tools", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/May/83"}, {"name": "FEDORA-2015-8968", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"}, {"name": "20150519 0-day Denial of Service in IPsec-Tools", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/May/81"}, {"name": "FEDORA-2015-8948", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"}, {"name": "https://www.altsci.com/ipsec/ipsec-tools-sa.html", "refsource": "MISC", "url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"}, {"name": "1032397", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032397"}, {"name": "[oss-security] 20150519 CVE Request: ipsec-tools", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"}, {"name": "74739", "refsource": "BID", "url": "http://www.securityfocus.com/bid/74739"}, {"name": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"}, {"name": "USN-2623-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2623-1"}, {"name": "[oss-security] 20150521 Re: CVE Request: ipsec-tools", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"}, {"name": "https://support.f5.com/csp/article/K05013313", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K05013313"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-4047", "datePublished": "2015-05-29T15:00:00", "dateReserved": "2015-05-20T00:00:00", "dateUpdated": "2019-03-26T14:06:07", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "B4F6D424-26B7-4CD2-80B4-96FBA9E2FA5C", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "55C26031-A354-4E19-A1C3-415336B2E7C5", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "3B9AF8FC-B730-428D-B317-86ABEF924299", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "A53BE5FB-7405-4952-B3BD-6B0B8213F98A", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A2670B3-1A96-4E72-A316-0AF826E8EC8B", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "BA7D64DC-7271-4617-BD46-99C8246779CA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "69FBB7A9-69E7-4E84-ABBF-3430FA4FB757", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5AD67D31-7FB8-4A3F-915D-385617E21428", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C4E5F36-434B-48E1-9715-4EEC22FB23D1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "9970DEE7-9ED1-496F-A5DD-D41A0E13968E", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "2620230F-1D8D-423D-953E-9EEF934C56DD", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "34D75E7F-B65F-421D-92EE-6B20756019C2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "D1488BC3-CBE9-4944-8573-D7EBE36713B8", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "17D2F203-B830-42E5-AE54-17453F72A45D", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "BCF89E7C-806E-4800-BAA9-0225433B6C56", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "79157FB3-C12D-4E05-81A3-776381822B2F", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "283155E5-EEAB-4E05-A0E7-B9C5077A5029", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7569977A-E567-4115-B00C-4B0CBA86582E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "E90D8985-EDE3-4613-9B4A-E3929D1D3721", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3F2F72B2-84F2-4FA2-9B53-E98344235EB6", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546", "versionEndIncluding": "11.3.0", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A3BBF17-573E-430A-86CB-A9A2A47940E3", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "BEB08984-6E30-41C0-B283-66D2AAE1E8B7", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "72ED4B6A-EC5B-400E-88B7-6C986FC5BC4F", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E2C4414E-8016-48B5-8CC3-F97FF2D85922", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E859BDBF-D0E7-4621-83F3-4079EEB111BC", "versionEndIncluding": "11.6.4", "versionStartIncluding": "11.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "37257612-FAA4-4004-A4D3-4624F06F0615", "versionEndIncluding": "12.1.4", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "42821916-E601-4831-B37B-3202ACF2C562", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "96B6E81C-8DCA-4560-ABD7-8FB73FBE3824", "versionEndIncluding": "11.4.1", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE", "versionEndIncluding": "11.3.0", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0", "versionEndIncluding": "11.3.0", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F", "versionEndIncluding": "4.5.0", "versionStartIncluding": "4.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6", "versionEndIncluding": "4.5.0", "versionStartIncluding": "4.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498", "versionEndIncluding": "4.5.0", "versionStartIncluding": "4.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "482E630B-93A1-4B9B-8273-821C116ADC4F", "versionEndIncluding": "3.1.1", "versionStartIncluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests."}, {"lang": "es", "value": "racoon/gssapi.c en IPsec-Tools 0.8.2 permite a atacantes remotos causar una denegaci\u00f3n de servicios (referencia a puntero nulo y ca\u00edda de demonio IKE) a trav\u00e9s de una serie de solicitudes UDP manipuladas."}], "id": "CVE-2015-4047", "lastModified": "2019-03-27T18:04:36.730", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-05-29T15:59:19.030", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2015/May/81"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Exploit", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2015/May/83"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2015/dsa-3272"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Exploit", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2015/05/20/1"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2015/05/21/11"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/74739"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032397"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2623-1"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://support.f5.com/csp/article/K05013313"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.altsci.com/ipsec/ipsec-tools-sa.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}