Published: 04/11/2002 Updated: 10/09/2008

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote malicious users to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
frees wan frees wan 1.9
frees wan frees wan 1.9.1
frees wan frees wan 1.9.3
frees wan frees wan 1.9.5
frees wan frees wan 1.9.2
frees wan frees wan 1.9.4
frees wan frees wan 1.9.6
apple mac os x 10.2
apple mac os x server 10.2
freebsd freebsd 4.6
netbsd netbsd 1.5.2
netbsd netbsd 1.5.3
netbsd netbsd 1.5
netbsd netbsd 1.5.1
netbsd netbsd 1.6
global technology associates gnat box firmware 3.3
nec bluefire ix1035 router
nec ix1010
nec ix1011
global technology associates gnat box firmware 3.1
nec ix1050
global technology associates gnat box firmware 3.2
nec ix1020
nec ix2010

Bindview discovered a problem in several IPSEC implementations that do not properly handle certain very short packets IPSEC is a set of security extensions to IP which provide authentication and encryption Free/SWan in Debian is affected by this and is said to cause a kernel panic This problem has been fixed in version 196-14 for the current s ...

NVD-CWE-Other http://razor.bindview.com/publish/advisories/adv_ipsec.html http://www.kb.cert.org/vuls/id/459371 http://www.iss.net/security_center/static/10411.php http://www.debian.org/security/2002/dsa-201 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc http://www.securityfocus.com/bid/6011 https://nvd.nist.gov https://www.debian.org/security/./dsa-201 https://www.kb.cert.org/vuls/id/459371

CVE-2002-0666

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect