A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE up to and including 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote malicious users to capture IPSec packets and conduct replay attacks.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
freebsd freebsd 4.10 |
||
freebsd freebsd 4.8 |
||
freebsd freebsd 5.0 |
||
freebsd freebsd 5.1 |
||
freebsd freebsd 5.3 |
||
freebsd freebsd 6.0 |
||
freebsd freebsd 4.11 |
||
freebsd freebsd 4.9 |
||
netbsd netbsd 2.0 |
||
netbsd netbsd 3.0 |
||
freebsd freebsd 5.2 |
||
freebsd freebsd 5.4 |
||
freebsd freebsd 5.2.1 |
Vulmon