Skip to main content

Numeric Errors

CVE-2015-3240

Severity Medium
Score 4.3/10

Summary

The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service (assertion failure and daemon restart) via a zero DH g^x value in a KE payload in a IKE packet.

  • MEDIUM
  • NETWORK
  • NONE
  • NONE
  • NONE
  • PARTIAL

CWE-189 - Numeric Errors

Weaknesses in this category are related to improper calculation or conversion of numbers.

References

Advisory Timeline

  • Published