PT-2002-1011 · Kame+1 · Kame+1

Published

2002-10-25

Updated

2008-09-10

CVE-2002-0666

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions FreeS/WAN (affected versions not specified) KAME (affected versions not specified)

Description The issue is related to IPSEC implementations, where the length of authentication data is not properly calculated. This allows remote attackers to cause a denial of service, resulting in a kernel panic, via spoofed, short Encapsulating Security Payload (ESP) packets. The exploitation of these vulnerabilities can lead to disruption of protected information and can be carried out remotely.

Recommendations For FreeS/WAN, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For KAME, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

BDU:2015-02886

CVE-2002-0666

DSA-201

Affected Products

Frees/Wan

Kame

PT-2002-1011 · Kame+1 · Kame+1

CVE-2002-0666

Related Identifiers

Affected Products

References · 10