CVE-2015-4047

NONE EPSS 95.0%
Published May 29, 201511y ago · Modified Jun 17, 20262w ago
Find Similar
Published May 29, 2015 11y ago
Last Modified Jun 17, 2026 2w ago

Description

racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.

Threat Intelligence

EPSS Exploit Probability
95.0% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 45

VendorProductVersionRange
ipsec-toolsipsec-tools0.8.2any
canonicalubuntu_linux12.04any
fedoraprojectfedora20any
fedoraprojectfedora21any
f5big-ip_application_acceleration_manager*≥11.4.0  –  ≤11.6.4
f5big-ip_application_acceleration_manager*≥12.0.0  –  ≤12.1.4
f5big-ip_application_acceleration_manager13.0.0any
f5big-ip_local_traffic_manager*≥11.0.0  –  ≤11.6.4
f5big-ip_local_traffic_manager*≥12.0.0  –  ≤12.1.4
f5big-ip_local_traffic_manager13.0.0any
f5big-ip_advanced_firewall_manager*≥11.3.0  –  ≤11.6.4
f5big-ip_advanced_firewall_manager*≥12.0.0  –  ≤12.1.4
f5big-ip_advanced_firewall_manager13.0.0any
f5big-ip_analytics*≥11.0.0  –  ≤11.6.4
f5big-ip_analytics*≥12.0.0  –  ≤12.1.4
f5big-ip_analytics13.0.0any
f5big-ip_access_policy_manager*≥11.0.0  –  ≤11.6.4
f5big-ip_access_policy_manager*≥12.0.0  –  ≤12.1.4
f5big-ip_access_policy_manager13.0.0any
f5big-ip_application_security_manager*≥11.0.0  –  ≤11.6.4
f5big-ip_application_security_manager*≥12.0.0  –  ≤12.1.4
f5big-ip_application_security_manager13.0.0any
f5big-ip_domain_name_system*≥12.0.0  –  ≤12.1.4
f5big-ip_domain_name_system13.0.0any
f5big-ip_edge_gateway*≥11.0.0  –  ≤11.3.0
f5big-ip_global_traffic_manager*≥11.0.0  –  ≤11.6.4
f5big-ip_link_controller*≥11.0.0  –  ≤11.6.4
f5big-ip_link_controller*≥12.0.0  –  ≤12.1.4
f5big-ip_link_controller13.0.0any
f5big-ip_policy_enforcement_manager*≥11.3.0  –  ≤11.6.4
f5big-ip_policy_enforcement_manager*≥12.0.0  –  ≤12.1.4
f5big-ip_policy_enforcement_manager13.0.0any
f5big-ip_protocol_security_manager*≥11.0.0  –  ≤11.4.1
f5big-ip_wan_optimization_manager*≥11.0.0  –  ≤11.3.0
f5big-ip_webaccelerator*≥11.0.0  –  ≤11.3.0
f5big-iq_adc4.5.0any
f5big-iq_centralized_management4.6.0any
f5big-iq_cloud*≥4.0.0  –  ≤4.5.0
f5big-iq_cloud_and_orchestration1.0.0any
f5big-iq_device*≥4.2.0  –  ≤4.5.0
f5big-iq_security*≥4.0.0  –  ≤4.5.0
f5enterprise_manager*≥3.0.0  –  ≤3.1.1
debiandebian_linux7.0any
debiandebian_linux8.0any
debiandebian_linux9.0any

References 13

  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html
    Mailing ListThird Party Advisory
  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html
    Mailing ListThird Party Advisory
  • packetstormsecurity.com http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html
    Third Party AdvisoryVDB Entry
  • seclists.org http://seclists.org/fulldisclosure/2015/May/81
    ExploitMailing ListThird Party Advisory
  • seclists.org http://seclists.org/fulldisclosure/2015/May/83
    ExploitMailing ListThird Party Advisory
  • debian.org http://www.debian.org/security/2015/dsa-3272
    Third Party Advisory
  • openwall.com http://www.openwall.com/lists/oss-security/2015/05/20/1
    ExploitMailing ListThird Party Advisory
  • openwall.com http://www.openwall.com/lists/oss-security/2015/05/21/11
    Mailing ListThird Party Advisory
  • securityfocus.com http://www.securityfocus.com/bid/74739
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1032397
    Third Party AdvisoryVDB Entry
  • ubuntu.com http://www.ubuntu.com/usn/USN-2623-1
    Third Party Advisory
  • support.f5.com https://support.f5.com/csp/article/K05013313
    Third Party Advisory
  • altsci.com https://www.altsci.com/ipsec/ipsec-tools-sa.html
    ExploitThird Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.