CVE-2015-4047

racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name	Vendor	Start Version	End Version
Ipsec-tools	Ipsec-tools	0.8.2 (including)	0.8.2 (including)

Potential Mitigations

References

http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html
http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html
http://seclists.org/fulldisclosure/2015/May/81
http://seclists.org/fulldisclosure/2015/May/83
http://www.debian.org/security/2015/dsa-3272
http://www.openwall.com/lists/oss-security/2015/05/20/1
http://www.openwall.com/lists/oss-security/2015/05/21/11
http://www.securityfocus.com/bid/74739
http://www.securitytracker.com/id/1032397
http://www.ubuntu.com/usn/USN-2623-1
https://support.f5.com/csp/article/K05013313
https://www.altsci.com/ipsec/ipsec-tools-sa.html

NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-4047
CWE	https://cwe.mitre.org/data/definitions/476.html

NULL Pointer Dereference

Weakness

Affected Software

Potential Mitigations

References