Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-5361

EPSS 0.95% · P77
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2016-5361

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed UDP packet. NOTE: the original behavior complies with the IKEv1 protocol, but has a required security update from the libreswan vendor; as of 2016-06-10, it is expected that several other IKEv1 implementations will have vendor-required security updates, with separate CVE IDs assigned to each.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Libreswan 拒绝服务漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Libreswan是软件开发者Paul Wouters所研发的一个类似于Openswan的IPsec实现,它主要用于保证数据传输中的安全性、完整性问题。 Libreswan 3.17之前版本的programs/pluto/ikev1.c文化中存在安全漏洞,该漏洞源于程序在initial-responder状态执行重发操作。远程攻击者可通过发送伪造的UDP数据包利用该漏洞造成拒绝服务(流量放大)。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2016-5361

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2016-5361

登录查看更多情报信息。

Same Patch Batch · n/a · 2016-06-16 · 94 CVEs total

CVE-2016-0200Microsoft Internet Explorer 内存损坏漏洞
CVE-2016-0025Microsoft Office 内存损坏漏洞
CVE-2016-4167Adobe DNG Software Development Kit 安全漏洞
CVE-2016-4163多款Adobe产品安全漏洞
CVE-2016-4162多款Adobe产品安全漏洞
CVE-2016-4161多款Adobe产品安全漏洞
CVE-2016-4160多款Adobe产品安全漏洞
CVE-2016-4159Adobe ColdFusion 跨站脚本漏洞
CVE-2016-4164Adobe Brackets 跨站脚本漏洞
CVE-2016-0199Microsoft Internet Explorer 内存损坏漏洞
CVE-2016-0028Microsoft Exchange 信息泄漏漏洞
CVE-2016-3198Microsoft Edge 安全功能绕过漏洞
CVE-2016-3199Microsoft Edge Chakra JavaScript脚本引擎内存损坏漏洞
CVE-2016-3201Microsoft Windows和Microsoft Edge PDF 信息泄露漏洞
CVE-2016-3202Microsoft 脚本引擎内存损坏漏洞
CVE-2016-3203Microsoft Windows和Microsoft Edge PDF 远程代码执行漏洞
CVE-2016-3205Microsoft Internet Explorer 脚本引擎内存损坏漏洞
CVE-2016-3206Microsoft Internet Explorer 脚本引擎内存损坏漏洞
CVE-2016-3207Microsoft Internet Explorer 脚本引擎内存损坏漏洞
CVE-2016-3210Microsoft Internet Explorer 脚本引擎内存损坏漏洞

Showing top 20 of 94 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2016-5361

No comments yet

Leave a comment