CVE-2002-0666

IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:frees_wan:frees_wan:1.9:*:*:*:*:*:*:*
cpe:2.3:a:frees_wan:frees_wan:1.9.1:*:*:*:*:*:*:*
cpe:2.3:a:frees_wan:frees_wan:1.9.2:*:*:*:*:*:*:*
cpe:2.3:a:frees_wan:frees_wan:1.9.3:*:*:*:*:*:*:*
cpe:2.3:a:frees_wan:frees_wan:1.9.4:*:*:*:*:*:*:*
cpe:2.3:a:frees_wan:frees_wan:1.9.5:*:*:*:*:*:*:*
cpe:2.3:a:frees_wan:frees_wan:1.9.6:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5:*:x86:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:h:global_technology_associates:gnat_box_firmware:3.1:*:*:*:*:*:*:*
cpe:2.3:h:global_technology_associates:gnat_box_firmware:3.2:*:*:*:*:*:*:*
cpe:2.3:h:global_technology_associates:gnat_box_firmware:3.3:*:*:*:*:*:*:*
cpe:2.3:h:nec:bluefire_ix1035_router:*:*:*:*:*:*:*:*
cpe:2.3:h:nec:ix1010:*:*:*:*:*:*:*:*
cpe:2.3:h:nec:ix1011:*:*:*:*:*:*:*:*
cpe:2.3:h:nec:ix1020:*:*:*:*:*:*:*:*
cpe:2.3:h:nec:ix1050:*:*:*:*:*:*:*:*
cpe:2.3:h:nec:ix2010:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:39

Type Values Removed Values Added
References () ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc - () ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc -
References () http://razor.bindview.com/publish/advisories/adv_ipsec.html - Vendor Advisory () http://razor.bindview.com/publish/advisories/adv_ipsec.html - Vendor Advisory
References () http://www.debian.org/security/2002/dsa-201 - () http://www.debian.org/security/2002/dsa-201 -
References () http://www.iss.net/security_center/static/10411.php - Vendor Advisory () http://www.iss.net/security_center/static/10411.php - Vendor Advisory
References () http://www.kb.cert.org/vuls/id/459371 - Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/459371 - Third Party Advisory, US Government Resource
References () http://www.securityfocus.com/bid/6011 - () http://www.securityfocus.com/bid/6011 -

Information

Published : 2002-11-04 05:00

Updated : 2024-11-20 23:39


NVD link : CVE-2002-0666

Mitre link : CVE-2002-0666

CVE.ORG link : CVE-2002-0666


JSON object : View

Products Affected

apple

  • mac_os_x
  • mac_os_x_server

netbsd

  • netbsd

nec

  • bluefire_ix1035_router
  • ix1011
  • ix2010
  • ix1050
  • ix1010
  • ix1020

freebsd

  • freebsd

frees_wan

  • frees_wan

global_technology_associates

  • gnat_box_firmware