CVE-2013-4564

N/A Unknown

Published: January 07, 2014 Modified: April 29, 2026

Description

Libreswan 3.6 allows remote attackers to cause a denial of service (crash) via a small length value and (1) no version or (2) an invalid major number in an IKE packet.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124911.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124928.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124943.html

Source: secalert@redhat.com

http://secunia.com/advisories/56276

Source: secalert@redhat.com

Vendor Advisory

https://libreswan.org/security/CVE-2013-4564/CVE-2013-4564.txt.asc

Source: secalert@redhat.com

Vendor Advisory

https://lists.libreswan.org/pipermail/swan-announce/2013/000007.html

Source: secalert@redhat.com

Patch Vendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124911.html