CVE-2015-4047
CVE-2015-4047 is a high-severity vulnerability in Ipsec-tools with a CVSS 2.0 base score of 7.8. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-476.
Key facts
- Severity: High (CVSS 2.0 base score 7.8)
- EPSS exploit prediction: 10% (95th percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-476
- Affected product: Ipsec-tools
- Published:
- Last modified:
Description
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
Frequently asked questions
- What is CVE-2015-4047?
- racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
- How severe is CVE-2015-4047?
- CVE-2015-4047 has a CVSS 2.0 base score of 7.8, rated high severity.
- Is CVE-2015-4047 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 10% (95th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2015-4047?
- CVE-2015-4047 primarily affects Ipsec-tools. In total, 37 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2015-4047?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- When was CVE-2015-4047 published?
- CVE-2015-4047 was published on 2015-05-29 and last updated on 2026-06-17.
References
- http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159549.html
- http://packetstormsecurity.com/files/131992/IPsec-Tools-0.8.2-Denial-Of-Service.html
- http://seclists.org/fulldisclosure/2015/May/81
- http://seclists.org/fulldisclosure/2015/May/83
- http://www.debian.org/security/2015/dsa-3272
- http://www.openwall.com/lists/oss-security/2015/05/20/1
- http://www.openwall.com/lists/oss-security/2015/05/21/11
- http://www.securityfocus.com/bid/74739
- http://www.securitytracker.com/id/1032397
- http://www.ubuntu.com/usn/USN-2623-1
- https://support.f5.com/csp/article/K05013313
- https://www.altsci.com/ipsec/ipsec-tools-sa.html
Affected products (37)
- cpe:2.3:a:ipsec-tools:ipsec-tools:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*
- cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
More vulnerabilities in Ipsec-tools
- CVE-2004-0607 — Critical (CVSS 10.0): The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails,…
- CVE-2008-3652 — High (CVSS 7.8): src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been…
- CVE-2005-3732 — High (CVSS 7.8): The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when…
- CVE-2016-10396 — High (CVSS 7.5): The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and…
- CVE-2009-1632 — Medium (CVSS 5.0): Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory…
- CVE-2009-1574 — Medium (CVSS 5.0): racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via…
All CVEs affecting Ipsec-tools →
Other CWE-476 (NULL Pointer Dereference) vulnerabilities
- CVE-2022-36648 — Critical (CVSS 10.0): The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and earlier,…
- CVE-2020-14500 — Critical (CVSS 10.0): Secomea GateManager all versions prior to 9.2c, An attacker can send a negative value and overwrite arbitrary data.
- CVE-2010-2495 — Critical (CVSS 10.0): The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does…
- CVE-2026-46195 — Critical (CVSS 9.8): In the Linux kernel, the following vulnerability has been resolved: smb: client: validate dacloffset before building…
- CVE-2026-31657 — Critical (CVSS 9.8): In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim backbone gateways by…
- CVE-2026-31436 — Critical (CVSS 9.8): In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor…
Browse all CWE-476 (NULL Pointer Dereference) vulnerabilities →