CVE-2002-0666

Published: 04/11/2002 Updated: 10/09/2008

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote malicious users to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
frees wan frees wan 1.9.1
frees wan frees wan 1.9.2
frees wan frees wan 1.9
frees wan frees wan 1.9.6
frees wan frees wan 1.9.4
frees wan frees wan 1.9.3
frees wan frees wan 1.9.5
netbsd netbsd 1.5.3
netbsd netbsd 1.5
freebsd freebsd 4.6
netbsd netbsd 1.6
netbsd netbsd 1.5.1
netbsd netbsd 1.5.2
apple mac os x server 10.2
apple mac os x 10.2
global technology associates gnat box firmware 3.3
nec ix2010
nec ix1011
nec bluefire ix1035 router
global technology associates gnat box firmware 3.1
global technology associates gnat box firmware 3.2
nec ix1010
nec ix1020
nec ix1050

Bindview discovered a problem in several IPSEC implementations that do not properly handle certain very short packets IPSEC is a set of security extensions to IP which provide authentication and encryption Free/SWan in Debian is affected by this and is said to cause a kernel panic This problem has been fixed in version 196-14 for the current s ...

NVD-CWE-Other http://razor.bindview.com/publish/advisories/adv_ipsec.html http://www.kb.cert.org/vuls/id/459371 http://www.iss.net/security_center/static/10411.php http://www.debian.org/security/2002/dsa-201 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc http://www.securityfocus.com/bid/6011 https://nvd.nist.gov https://www.debian.org/security/./dsa-201 https://www.kb.cert.org/vuls/id/459371

CVE-2002-0666

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect