What is the severity of CVE-2002-0414?

CVE-2002-0414 has a moderate severity level due to its potential to allow forged packet forwarding.

How do I fix CVE-2002-0414?

To fix CVE-2002-0414, update your NetBSD, FreeBSD, or OpenBSD systems to versions that correct the Security Policy Database consulting issue.

What systems are affected by CVE-2002-0414?

CVE-2002-0414 affects NetBSD 1.5.2, FreeBSD 4.5, and certain other KAME-derived implementations.

What type of attack does CVE-2002-0414 enable?

CVE-2002-0414 can enable attackers to forward forged IPv4 packets through Security Gateways.

What is the cause of CVE-2002-0414?

CVE-2002-0414 is caused by improper consultation of the Security Policy Database in the affected IPsec implementations.

Vulnerability/
CVE-2002-0414

high

7.5

CWE

NVD-CWE-Other

12/8/2002

2/4/2003

8/8/2024

CVE-2002-0414

First published: Mon Aug 12 2002(Updated: )

KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
NetBSD current	=1.5
FreeBSD Kernel	=4.5
OpenBSD	=2.7
NetBSD current	=1.5.1
FreeBSD Kernel	=4.4
NetBSD current	=1.5.2
FreeBSD Kernel	=4.2
FreeBSD Kernel	=4.3
OpenBSD	=2.6

Remedy

http://www.iss.net/security_center/static/8416.php

Remedy

http://www.securityfocus.com/bid/4224

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2002-0414?
CVE-2002-0414 has a moderate severity level due to its potential to allow forged packet forwarding.
How do I fix CVE-2002-0414?
To fix CVE-2002-0414, update your NetBSD, FreeBSD, or OpenBSD systems to versions that correct the Security Policy Database consulting issue.
What systems are affected by CVE-2002-0414?
CVE-2002-0414 affects NetBSD 1.5.2, FreeBSD 4.5, and certain other KAME-derived implementations.
What type of attack does CVE-2002-0414 enable?
CVE-2002-0414 can enable attackers to forward forged IPv4 packets through Security Gateways.
What is the cause of CVE-2002-0414?
CVE-2002-0414 is caused by improper consultation of the Security Policy Database in the affected IPsec implementations.

agent/references
agent/type
agent/remedy
agent/first-publish-date
agent/weakness
agent/severity
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/source
collector/nvd-historical
vendor/netbsd
product/netbsd
canonical/netbsd netbsd
vendor/freebsd
product/freebsd
canonical/freebsd freebsd
vendor/openbsd
product/openbsd
canonical/openbsd openbsd
agent/software-canonical-lookup-request
collector/nvd-index
agent/softwarecombine
agent/tags
canonical/netbsd current
version/netbsd current/1.5
canonical/freebsd kernel
version/freebsd kernel/4.5
canonical/openbsd
version/openbsd/2.7
version/netbsd current/1.5.1
version/freebsd kernel/4.4
version/netbsd current/1.5.2
version/freebsd kernel/4.2
version/freebsd kernel/4.3
version/openbsd/2.6

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.