CVE-2016-5361

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-5361
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-5361.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-5361
Downstream
Published
2016-06-16T14:59:51.890Z
Modified
2025-11-20T10:28:40.462853Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed UDP packet. NOTE: the original behavior complies with the IKEv1 protocol, but has a required security update from the libreswan vendor; as of 2016-06-10, it is expected that several other IKEv1 implementations will have vendor-required security updates, with separate CVE IDs assigned to each.

References

Affected packages

Git / github.com/libreswan/libreswan

Affected ranges

Type
GIT
Repo
https://github.com/libreswan/libreswan
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
152d6d95632d8b9477c170f1de99bcd86d7fb1d6

Affected versions

0.*
0.9.9
2.*
2.4.4
2.4.5dr2
2.9
libreswan-0.*
libreswan-0.0.1
Other
pre_FreeBSD_merge_200607
snapshot-20060308
snapshot-20060316
v2.*
v2.4.10-merged-2.5.15
v2.5-last-stable-from-old-branch
v2.5.01
v2.5.03
v2.5.05
v2.5.08
v2.5.09
v2.5.0cl8
v2.5.0dr1
v2.5.0sbs
v2.5.0sbs1
v2.5.0sbs2
v2.5.0sbs3
v2.5.0sbs4
v2.5.0sbs5
v2.5.0sbs6
v2.5.10
v2.5.11
v2.5.12
v2.5.13
v2.5.14
v2.5.15
v2.5.16
v2.5.17
v2.6.01
v2.6.02
v2.6.03
v2.6.04
v2.6.05
v2.6.06
v2.6.07
v2.6.08
v2.6.09
v2.6.10
v2.6.11
v2.6.12
v2.6.13
v2.6.14
v2.6.15
v2.6.15dr2
v2.6.16
v2.6.16dr1
v2.6.16dr2
v2.6.16dr3
v2.6.16dr4
v2.6.16dr5
v2.6.17
v2.6.18
v2.6.18rc1
v2.6.19
v2.6.19dr1
v2.6.20
v2.6.20bis
v2.6.20rc2
v2.6.21
v2.6.22
v2.6.22dr1
v2.6.22dr2
v2.6.22rc1
v2.6.22rc2
v2.6.23
v2.6.23dr1
v2.6.23dr2
v2.6.23dr3
v2.6.24
v2.6.24rc1
v2.6.24rc2
v2.6.24rc3
v2.6.24rc4
v2.6.24rc5
v2.6.25
v2.6.25dr1
v2.6.26
v2.6.26dr1
v2.6.26rc1
v2.6.27
v2.6.27dr1
v2.6.27dr2
v2.6.27rc1
v2.6.28
v2.6.28dr1
v2.6.28dr2
v2.6.28dr3
v2.6.28dr4
v2.6.28dr5
v2.6.28dr6
v2.6.28dr7
v2.6.28rc1
v2.6.28rc2
v2.6.29
v2.6.29dr1
v2.6.29dr10
v2.6.29dr11
v2.6.29dr12
v2.6.29dr13
v2.6.29dr14
v2.6.29dr15
v2.6.29dr17
v2.6.29dr2
v2.6.29dr3
v2.6.29dr4
v2.6.29dr5
v2.6.29dr6
v2.6.29dr7
v2.6.29dr8
v2.6.29dr9
v2.6.29rc1
v2.6.29rc2
v2.6.30
v2.6.30dr1
v2.6.30dr2
v2.6.30dr3
v2.6.30rc1
v2.6.31
v2.6.32
v2.6.32dr1
v2.6.32dr2
v2.6.32dr3
v2.6.32dr4
v2.6.32dr5
v2.6.32rc1
v2.6.32rc2
v2.6.32rc3
v2.6.32rc4
v2.6.32rc5
v2.6.32rc6
v2.6.32rc7
v2.6.32rc8
v2.6.32rc9
v2.6.33
v2.6.33dr1
v2.6.33dr2
v2.6.33rc1
v2.6.34
v2.6.34dr1
v2.6.34dr2
v2.6.34rc1
v2.6.34rc2
v2.6.34rc3
v2.6.34rc4
v2.6.34rc5
v2.6.34rc6
v2.6.35
v2.6.35dr1
v2.6.35rc1
v2.6.36
v2.6.36dr1
v2.6.36rc1
v2.6.37
v2.6.38
v2.6.38dr2
v2.6.38rc1
v2.6.38rc2
v2.9
v2.91
v2.92
v2.93
v2.94
v2.999
v3.*
v3.0
v3.1
v3.10
v3.10dr1
v3.10rc1
v3.10rc2
v3.11
v3.11dr1
v3.12
v3.12rc1
v3.14
v3.14rc1
v3.14rc2
v3.14rc3
v3.15
v3.16
v3.16rc2
v3.16rc3
v3.2
v3.2rc1
v3.3
v3.4
v3.5
v3.6
v3.7
v3.8
v3.9
v3.9rc1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-5361.json"
vanir_signatures 
[
    {
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/libreswan/libreswan/commit/152d6d95632d8b9477c170f1de99bcd86d7fb1d6",
        "digest": {
            "line_hashes": [
                "86627652806821049497760891271003665430",
                "24201487968202576802260686202049093523",
                "142477410369922442914278731243663070207",
                "195996895018841027013861365178908799237",
                "199365784008076806722690670567754263660",
                "52319542269660515301921632493320412069",
                "304808937194196592359069955689753404872",
                "118760132748077652429291308902925545452",
                "211774493758382654980443649852360948765",
                "231585294691260960408558666364681762806",
                "3644685348924904675938374493361824857",
                "339878537889588885421261336996675171510",
                "98931066176891567730705546114123706351",
                "284659102604748356818408872773795585832",
                "263710493929765914036940580108869563612",
                "143853084601102197712553163232762326593"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2016-5361-dd7ca340",
        "deprecated": false,
        "target": {
            "file": "programs/pluto/ikev1.c"
        }
    }
]