CVE-2013-6466
medium
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
5.0
Description
Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| xelerance | openswan | {"endIncluding":"2.6.39"} | |
| xelerance | openswan | 2.3.0 | |
| xelerance | openswan | 2.3.1 | |
| xelerance | openswan | 2.4.0 | |
| xelerance | openswan | 2.4.1 | |
| xelerance | openswan | 2.4.2 | |
| xelerance | openswan | 2.4.3 | |
| xelerance | openswan | 2.4.4 | |
| xelerance | openswan | 2.4.5 | |
| xelerance | openswan | 2.4.6 | |
| xelerance | openswan | 2.4.7 | |
| xelerance | openswan | 2.4.8 | |
| xelerance | openswan | 2.4.9 | |
| xelerance | openswan | 2.4.10 | |
| xelerance | openswan | 2.4.11 | |
| xelerance | openswan | 2.4.12 | |
| xelerance | openswan | 2.4.13 | |
| xelerance | openswan | 2.5.0 | |
| xelerance | openswan | 2.5.01 | |
| xelerance | openswan | 2.5.02 | |
| xelerance | openswan | 2.5.03 | |
| xelerance | openswan | 2.5.04 | |
| xelerance | openswan | 2.5.05 | |
| xelerance | openswan | 2.5.06 | |
| xelerance | openswan | 2.5.07 | |
| xelerance | openswan | 2.5.08 | |
| xelerance | openswan | 2.5.09 | |
| xelerance | openswan | 2.5.10 | |
| xelerance | openswan | 2.5.11 | |
| xelerance | openswan | 2.5.12 | |
| xelerance | openswan | 2.5.13 | |
| xelerance | openswan | 2.5.14 | |
| xelerance | openswan | 2.5.15 | |
| xelerance | openswan | 2.5.16 | |
| xelerance | openswan | 2.5.17 | |
| xelerance | openswan | 2.5.18 | |
| xelerance | openswan | 2.6.01 | |
| xelerance | openswan | 2.6.02 | |
| xelerance | openswan | 2.6.03 | |
| xelerance | openswan | 2.6.04 | |
| xelerance | openswan | 2.6.05 | |
| xelerance | openswan | 2.6.06 | |
| xelerance | openswan | 2.6.07 | |
| xelerance | openswan | 2.6.08 | |
| xelerance | openswan | 2.6.09 | |
| xelerance | openswan | 2.6.10 | |
| xelerance | openswan | 2.6.11 | |
| xelerance | openswan | 2.6.12 | |
| xelerance | openswan | 2.6.13 | |
| xelerance | openswan | 2.6.14 | |
| xelerance | openswan | 2.6.15 | |
| xelerance | openswan | 2.6.16 | |
| xelerance | openswan | 2.6.17 | |
| xelerance | openswan | 2.6.18 | |
| xelerance | openswan | 2.6.19 | |
| xelerance | openswan | 2.6.20 | |
| xelerance | openswan | 2.6.21 | |
| xelerance | openswan | 2.6.22 | |
| xelerance | openswan | 2.6.23 | |
| xelerance | openswan | 2.6.24 | |
| xelerance | openswan | 2.6.25 | |
| xelerance | openswan | 2.6.26 | |
| xelerance | openswan | 2.6.27 | |
| xelerance | openswan | 2.6.28 | |
| xelerance | openswan | 2.6.29 | |
| xelerance | openswan | 2.6.30 | |
| xelerance | openswan | 2.6.31 | |
| xelerance | openswan | 2.6.32 | |
| xelerance | openswan | 2.6.33 | |
| xelerance | openswan | 2.6.34 | |
| xelerance | openswan | 2.6.35 | |
| xelerance | openswan | 2.6.36 | |
| xelerance | openswan | 2.6.37 | |
| xelerance | openswan | 2.6.38 | |
References
- http://rhn.redhat.com/errata/RHSA-2014-0185.html
- http://www.debian.org/security/2014/dsa-2893
- http://www.securityfocus.com/bid/65155
- https://cert.vde.com/en-us/advisories/vde-2017-001
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90524
- https://libreswan.org/security/CVE-2013-6467/CVE-2013-6467.txt
- http://rhn.redhat.com/errata/RHSA-2014-0185.html
- http://www.debian.org/security/2014/dsa-2893
- http://www.securityfocus.com/bid/65155
- https://cert.vde.com/en-us/advisories/vde-2017-001
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90524
- https://libreswan.org/security/CVE-2013-6467/CVE-2013-6467.txt
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.