CVE-2016-5361 — Improper Input Validation in Libreswan

CWE-20 — Improper Input Validation8 documents6 sources

Severity

7.5HIGHNVD

EPSS

1.0%

top 23.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libreswan Debian Libreswan

Timeline

PublishedJun 16

Latest updateApr 1

Description

programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed UDP packet. NOTE: the original behavior complies with the IKEv1 protocol, but has a required security update from the libreswan vendor; as of 2016-06-10, it is expected that several other IKEv1 implementations will have vendor-required security updates, with separate CVE IDs assigned to each.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶NVDlibreswan/libreswan3.16

▶debiandebian/libreswan

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-pvgh-6wjg-x887: programs/pluto/ikev1↗2022-05-17

▶

📋Vendor Advisories

Red Hat

IKEv1 protocol is vulnerable to DoS amplification attack↗2016-03-14

▶

Debian

CVE-2016-5361: libreswan - programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder...↗2016

▶

📄Research Papers

RFC

Deprecation of the Internet Key Exchange Version 1 (IKEv1) Protocol and Obsoleted Algorithms↗2023-04-01

▶

💬Community

Bugzilla

CVE-2016-5361 libreswan: IKE/IKEv2 protocol is vulnerable to DoS amplification attack [fedora-all]↗2016-06-10

▶

Bugzilla

CVE-2016-5361 IKEv1 protocol is vulnerable to DoS amplification attack↗2016-02-15

▶