First published: Fri Oct 25 2002(Updated: )
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Frees Wan Frees Wan | =1.9 | |
Frees Wan Frees Wan | =1.9.1 | |
Frees Wan Frees Wan | =1.9.2 | |
Frees Wan Frees Wan | =1.9.3 | |
Frees Wan Frees Wan | =1.9.4 | |
Frees Wan Frees Wan | =1.9.5 | |
Frees Wan Frees Wan | =1.9.6 | |
Apple Mac OS X | =10.2 | |
Apple Mac OS X Server | =10.2 | |
FreeBSD FreeBSD | =4.6 | |
FreeBSD FreeBSD | =4.6-release | |
FreeBSD FreeBSD | =4.6-stable | |
NetBSD NetBSD | =1.5 | |
NetBSD NetBSD | =1.5 | |
NetBSD NetBSD | =1.5 | |
NetBSD NetBSD | =1.5.1 | |
NetBSD NetBSD | =1.5.2 | |
NetBSD NetBSD | =1.5.3 | |
NetBSD NetBSD | =1.6-beta | |
Global Technology Associates Gnat Box Firmware | =3.1 | |
Global Technology Associates Gnat Box Firmware | =3.2 | |
Global Technology Associates Gnat Box Firmware | =3.3 | |
Nec Bluefire Ix1035 Router | ||
Nec Ix1010 | ||
Nec Ix1011 | ||
Nec Ix1020 | ||
Nec Ix1050 | ||
Nec Ix2010 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.