IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| apple | mac_os_x_server | 10.2 |
| frees_wan | frees_wan | 1.9.3 |
| frees_wan | frees_wan | 1.9.1 |
| global_technology_associates | gnat_box_firmware | 3.1 |
| netbsd | netbsd | 1.5.3 |
| nec | ix1010 | * |
| netbsd | netbsd | 1.6 |
| nec | bluefire_ix1035_router | * |
| frees_wan | frees_wan | 1.9.2 |
| netbsd | netbsd | 1.5 |
| frees_wan | frees_wan | 1.9 |
| frees_wan | frees_wan | 1.9.6 |
| nec | ix1020 | * |
| apple | mac_os_x | 10.2 |
| global_technology_associates | gnat_box_firmware | 3.2 |
| netbsd | netbsd | 1.5.2 |
| nec | ix1050 | * |
| netbsd | netbsd | 1.5.1 |
| frees_wan | frees_wan | 1.9.4 |
| nec | ix1011 | * |
| nec | ix2010 | * |
| freebsd | freebsd | 4.6 |
| global_technology_associates | gnat_box_firmware | 3.3 |
| frees_wan | frees_wan | 1.9.5 |