VIR Vulnerability Intelligence Relay

CVE-2015-4047

high
Published 2015-05-29 · Modified 2026-05-06
CVSS v3
CVSS v2
7.8
VIR risk
7.8

Description

racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2015-4047.html

OS impact
OSVersionStatusFixed in
suse slesaffected
debian debian7.0affected
debian debian8.0affected
debian debian9.0affected
fedora fedora20affected
fedora fedora21affected
ubuntu ubuntu12.04affected

Application impact
VendorProductVersionsFixed
ipsec-toolsipsec-tools0.8.2
f5big-ip_application_acceleration_manager{"startIncluding":"11.4.0","endIncluding":"11.6.4"}
f5big-ip_application_acceleration_manager13.0.0
f5big-ip_local_traffic_manager{"startIncluding":"11.0.0","endIncluding":"11.6.4"}
f5big-ip_local_traffic_manager13.0.0
f5big-ip_advanced_firewall_manager{"startIncluding":"11.3.0","endIncluding":"11.6.4"}
f5big-ip_advanced_firewall_manager13.0.0
f5big-ip_analytics{"startIncluding":"11.0.0","endIncluding":"11.6.4"}
f5big-ip_analytics13.0.0
f5big-ip_access_policy_manager{"startIncluding":"11.0.0","endIncluding":"11.6.4"}
f5big-ip_access_policy_manager13.0.0
f5big-ip_application_security_manager{"startIncluding":"11.0.0","endIncluding":"11.6.4"}
f5big-ip_application_security_manager13.0.0
f5big-ip_domain_name_system{"startIncluding":"12.0.0","endIncluding":"12.1.4"}
f5big-ip_domain_name_system13.0.0
f5big-ip_edge_gateway{"startIncluding":"11.0.0","endIncluding":"11.3.0"}
f5big-ip_global_traffic_manager{"startIncluding":"11.0.0","endIncluding":"11.6.4"}
f5big-ip_link_controller{"startIncluding":"11.0.0","endIncluding":"11.6.4"}
f5big-ip_link_controller13.0.0
f5big-ip_policy_enforcement_manager{"startIncluding":"11.3.0","endIncluding":"11.6.4"}
f5big-ip_policy_enforcement_manager13.0.0
f5big-ip_protocol_security_manager{"startIncluding":"11.0.0","endIncluding":"11.4.1"}
f5big-ip_wan_optimization_manager{"startIncluding":"11.0.0","endIncluding":"11.3.0"}
f5big-ip_webaccelerator{"startIncluding":"11.0.0","endIncluding":"11.3.0"}
f5big-iq_adc4.5.0
f5big-iq_centralized_management4.6.0
f5big-iq_cloud{"startIncluding":"4.0.0","endIncluding":"4.5.0"}
f5big-iq_cloud_and_orchestration1.0.0
f5big-iq_device{"startIncluding":"4.2.0","endIncluding":"4.5.0"}
f5big-iq_security{"startIncluding":"4.0.0","endIncluding":"4.5.0"}
f5enterprise_manager{"startIncluding":"3.0.0","endIncluding":"3.1.1"}

References

CWEs

CWE-476

Verify integrity in audit chain (admin only). AS-IS.