CVE-2008-1335

Name of the Vulnerable Software and Affected Versions NetBSD versions 2.0 through 3.1 NetBSD-current before 20071028

Description The issue allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine. This occurs when the fast ipsec subsystem is enabled.

Recommendations For NetBSD versions 2.0 through 3.1, consider disabling the fast ipsec subsystem until a patch is available. For NetBSD-current before 20071028, update to a version after 20071028 to resolve the issue.