PT-2002-1011 · Kame+1 · Kame+1

Publicado

2002-10-25

Atualizado

2008-09-10

CVE-2002-0666

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions FreeS/WAN (affected versions not specified) KAME (affected versions not specified)

Description The issue is related to IPSEC implementations, where the length of authentication data is not properly calculated. This allows remote attackers to cause a denial of service, resulting in a kernel panic, via spoofed, short Encapsulating Security Payload (ESP) packets. The exploitation of these vulnerabilities can lead to disruption of protected information and can be carried out remotely.

Recommendations For FreeS/WAN, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For KAME, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

BDU:2015-02886

CVE-2002-0666

DSA-201

Produtos afetados

Frees/Wan

Kame

PT-2002-1011 · Kame+1 · Kame+1

CVE-2002-0666

Identificadores relacionados

Produtos afetados

Referências · 10