Vulnerabilites related to nec - ix1011
cve-2002-0666
Vulnerability from cvelistv5
Published
2002-10-25 04:00
Modified
2024-08-08 02:56
Severity ?
EPSS score ?
Summary
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://razor.bindview.com/publish/advisories/adv_ipsec.html | vendor-advisory, x_refsource_BINDVIEW | |
| http://www.iss.net/security_center/static/10411.php | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/6011 | vdb-entry, x_refsource_BID | |
| http://www.debian.org/security/2002/dsa-201 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.kb.cert.org/vuls/id/459371 | third-party-advisory, x_refsource_CERT-VN | |
| ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc | vendor-advisory, x_refsource_NETBSD |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:38.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021018 Denial of Service in IPSEC implementations",
"tags": [
"vendor-advisory",
"x_refsource_BINDVIEW",
"x_transferred"
],
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"name": "ipsec-packet-integer-overflow(10411)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"name": "6011",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6011"
},
{
"name": "DSA-201",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"name": "VU#459371",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"name": "NetBSD-SA2002-016",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-01T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021018 Denial of Service in IPSEC implementations",
"tags": [
"vendor-advisory",
"x_refsource_BINDVIEW"
],
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"name": "ipsec-packet-integer-overflow(10411)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"name": "6011",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6011"
},
{
"name": "DSA-201",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"name": "VU#459371",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"name": "NetBSD-SA2002-016",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021018 Denial of Service in IPSEC implementations",
"refsource": "BINDVIEW",
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"name": "ipsec-packet-integer-overflow(10411)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"name": "6011",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6011"
},
{
"name": "DSA-201",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"name": "VU#459371",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"name": "NetBSD-SA2002-016",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0666",
"datePublished": "2002-10-25T04:00:00",
"dateReserved": "2002-07-08T00:00:00",
"dateUpdated": "2024-08-08T02:56:38.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-200211-0071
Vulnerability from variot
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors. IPsec implementations from multiple vendors do not adequately validate the authentication data in IPsec packets, exposing vulnerable systems to a denial of service. IBM AIX In IPSec of esp4_input() There is a vulnerability in the function that does not properly check the integrity of authentication data.There is a possibility of a kernel panic condition. A vulnerability in several implementations of IPSec related to handling of malformed ESP packets has been reported. On several systems, the conditions may be exploited to cause kernel panics. IPSEC is a set of IP security extensions that provide verification and encryption functions. It includes two types of packets, ESP and AH, represented by IP protocols 50 and 51 respectively. Several IPSec implementations have a vulnerability. Remote attackers can exploit this vulnerability to conduct denial of service attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200211-0071",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "frees wan",
"scope": "eq",
"trust": 1.6,
"vendor": "frees wan",
"version": "1.9.5"
},
{
"model": "frees wan",
"scope": "eq",
"trust": 1.6,
"vendor": "frees wan",
"version": "1.9.1"
},
{
"model": "frees wan",
"scope": "eq",
"trust": 1.6,
"vendor": "frees wan",
"version": "1.9.4"
},
{
"model": "frees wan",
"scope": "eq",
"trust": 1.6,
"vendor": "frees wan",
"version": "1.9.2"
},
{
"model": "frees wan",
"scope": "eq",
"trust": 1.6,
"vendor": "frees wan",
"version": "1.9"
},
{
"model": "frees wan",
"scope": "eq",
"trust": 1.6,
"vendor": "frees wan",
"version": "1.9.6"
},
{
"model": "frees wan",
"scope": "eq",
"trust": 1.6,
"vendor": "frees wan",
"version": "1.9.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "gnat box",
"scope": "eq",
"trust": 1.0,
"vendor": "global associates",
"version": "3.3"
},
{
"model": "ix1010",
"scope": "eq",
"trust": 1.0,
"vendor": "nec",
"version": "*"
},
{
"model": "ix1050",
"scope": "eq",
"trust": 1.0,
"vendor": "nec",
"version": "*"
},
{
"model": "gnat box",
"scope": "eq",
"trust": 1.0,
"vendor": "global associates",
"version": "3.2"
},
{
"model": "bluefire ix1035 router",
"scope": "eq",
"trust": 1.0,
"vendor": "nec",
"version": "*"
},
{
"model": "gnat box",
"scope": "eq",
"trust": 1.0,
"vendor": "global associates",
"version": "3.1"
},
{
"model": "ix1011",
"scope": "eq",
"trust": 1.0,
"vendor": "nec",
"version": "*"
},
{
"model": "ix1020",
"scope": "eq",
"trust": 1.0,
"vendor": "nec",
"version": "*"
},
{
"model": "ix2010",
"scope": "eq",
"trust": 1.0,
"vendor": "nec",
"version": "*"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "frees wan",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "global associates",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet initiative iij",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "kame",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "esoft",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5x86"
},
{
"model": "sh3",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "ix2010",
"scope": null,
"trust": 0.3,
"vendor": "nec",
"version": null
},
{
"model": "ix1050",
"scope": null,
"trust": 0.3,
"vendor": "nec",
"version": null
},
{
"model": "ix1020",
"scope": null,
"trust": 0.3,
"vendor": "nec",
"version": null
},
{
"model": "ix1011",
"scope": null,
"trust": 0.3,
"vendor": "nec",
"version": null
},
{
"model": "ix1010",
"scope": null,
"trust": 0.3,
"vendor": "nec",
"version": null
},
{
"model": "bluefire ix1035",
"scope": null,
"trust": 0.3,
"vendor": "nec",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "technology associates gnat box",
"scope": "eq",
"trust": 0.3,
"vendor": "global",
"version": "3.3"
},
{
"model": "technology associates gnat box",
"scope": "eq",
"trust": 0.3,
"vendor": "global",
"version": "3.2"
},
{
"model": "technology associates gnat box",
"scope": "eq",
"trust": 0.3,
"vendor": "global",
"version": "3.1"
},
{
"model": "frees/wan",
"scope": "eq",
"trust": 0.3,
"vendor": "frees wan",
"version": "1.9.6"
},
{
"model": "frees/wan",
"scope": "eq",
"trust": 0.3,
"vendor": "frees wan",
"version": "1.9.5"
},
{
"model": "frees/wan",
"scope": "eq",
"trust": 0.3,
"vendor": "frees wan",
"version": "1.9.4"
},
{
"model": "frees/wan",
"scope": "eq",
"trust": 0.3,
"vendor": "frees wan",
"version": "1.9.3"
},
{
"model": "frees/wan",
"scope": "eq",
"trust": 0.3,
"vendor": "frees wan",
"version": "1.9.2"
},
{
"model": "frees/wan",
"scope": "eq",
"trust": 0.3,
"vendor": "frees wan",
"version": "1.9.1"
},
{
"model": "frees/wan",
"scope": "eq",
"trust": 0.3,
"vendor": "frees wan",
"version": "1.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "instagate xsp business",
"scope": null,
"trust": 0.3,
"vendor": "esoft",
"version": null
},
{
"model": "instagate xsp branch",
"scope": null,
"trust": 0.3,
"vendor": "esoft",
"version": null
},
{
"model": "instagate pro",
"scope": null,
"trust": 0.3,
"vendor": "esoft",
"version": null
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.3"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.2"
},
{
"model": "security linux",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "3.210"
},
{
"model": "security linux",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "3.200"
},
{
"model": "security linux",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "2.030"
},
{
"model": "security linux",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "2.027"
},
{
"model": "security linux",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "2.026"
},
{
"model": "security linux",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "2.025"
},
{
"model": "security linux",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "2.024"
},
{
"model": "security linux",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "2.023"
},
{
"model": "security linux",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "2.016"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "security linux",
"scope": "ne",
"trust": 0.3,
"vendor": "astaro",
"version": "3.211"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#459371"
},
{
"db": "BID",
"id": "6011"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000311"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-002"
},
{
"db": "NVD",
"id": "CVE-2002-0666"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ibm:aix",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000311"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Todd Sabin of Bindview.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200211-002"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0666",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2002-0666",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-5057",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-0666",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#459371",
"trust": 0.8,
"value": "5.14"
},
{
"author": "NVD",
"id": "CVE-2002-0666",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200211-002",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-5057",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#459371"
},
{
"db": "VULHUB",
"id": "VHN-5057"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000311"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-002"
},
{
"db": "NVD",
"id": "CVE-2002-0666"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors. IPsec implementations from multiple vendors do not adequately validate the authentication data in IPsec packets, exposing vulnerable systems to a denial of service. IBM AIX In IPSec of esp4_input() There is a vulnerability in the function that does not properly check the integrity of authentication data.There is a possibility of a kernel panic condition. A vulnerability in several implementations of IPSec related to handling of malformed ESP packets has been reported. On several systems, the conditions may be exploited to cause kernel panics. IPSEC is a set of IP security extensions that provide verification and encryption functions. It includes two types of packets, ESP and AH, represented by IP protocols 50 and 51 respectively. Several IPSec implementations have a vulnerability. Remote attackers can exploit this vulnerability to conduct denial of service attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0666"
},
{
"db": "CERT/CC",
"id": "VU#459371"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000311"
},
{
"db": "BID",
"id": "6011"
},
{
"db": "VULHUB",
"id": "VHN-5057"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#459371",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2002-0666",
"trust": 2.8
},
{
"db": "BID",
"id": "6011",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000311",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200211-002",
"trust": 0.7
},
{
"db": "BINDVIEW",
"id": "20021018 DENIAL OF SERVICE IN IPSEC IMPLEMENTATIONS",
"trust": 0.6
},
{
"db": "NETBSD",
"id": "NETBSD-SA2002-016",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-201",
"trust": 0.6
},
{
"db": "XF",
"id": "10411",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-5057",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#459371"
},
{
"db": "VULHUB",
"id": "VHN-5057"
},
{
"db": "BID",
"id": "6011"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000311"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-002"
},
{
"db": "NVD",
"id": "CVE-2002-0666"
}
]
},
"id": "VAR-200211-0071",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5057"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-22T23:03:16.043000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ibm.com/jp/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000311"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0666"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.8,
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"trust": 3.8,
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"trust": 3.5,
"url": "http://www.securityfocus.com/bid/6011"
},
{
"trust": 2.7,
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"trust": 2.7,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2002-016.txt.asc"
},
{
"trust": 2.7,
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2401.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2402.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2406.txt"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0666"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0666"
},
{
"trust": 0.3,
"url": "http://www.astaro.org/cgi/ultimatebb.cgi?ubb=get_topic;f=1;t=000137"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#459371"
},
{
"db": "VULHUB",
"id": "VHN-5057"
},
{
"db": "BID",
"id": "6011"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000311"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-002"
},
{
"db": "NVD",
"id": "CVE-2002-0666"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#459371"
},
{
"db": "VULHUB",
"id": "VHN-5057"
},
{
"db": "BID",
"id": "6011"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000311"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-002"
},
{
"db": "NVD",
"id": "CVE-2002-0666"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-10-17T00:00:00",
"db": "CERT/CC",
"id": "VU#459371"
},
{
"date": "2002-11-04T00:00:00",
"db": "VULHUB",
"id": "VHN-5057"
},
{
"date": "2002-10-19T00:00:00",
"db": "BID",
"id": "6011"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000311"
},
{
"date": "2002-10-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200211-002"
},
{
"date": "2002-11-04T05:00:00",
"db": "NVD",
"id": "CVE-2002-0666"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-01-06T00:00:00",
"db": "CERT/CC",
"id": "VU#459371"
},
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-5057"
},
{
"date": "2009-07-11T18:06:00",
"db": "BID",
"id": "6011"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000311"
},
{
"date": "2012-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200211-002"
},
{
"date": "2024-11-20T23:39:35.740000",
"db": "NVD",
"id": "CVE-2002-0666"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200211-002"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple IPsec implementations do not adequately validate authentication data",
"sources": [
{
"db": "CERT/CC",
"id": "VU#459371"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200211-002"
}
],
"trust": 0.6
}
}
Vulnerability from fkie_nvd
Published
2002-11-04 05:00
Modified
2024-11-20 23:39
Severity ?
Summary
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| frees_wan | frees_wan | 1.9 | |
| frees_wan | frees_wan | 1.9.1 | |
| frees_wan | frees_wan | 1.9.2 | |
| frees_wan | frees_wan | 1.9.3 | |
| frees_wan | frees_wan | 1.9.4 | |
| frees_wan | frees_wan | 1.9.5 | |
| frees_wan | frees_wan | 1.9.6 | |
| apple | mac_os_x | 10.2 | |
| apple | mac_os_x_server | 10.2 | |
| freebsd | freebsd | 4.6 | |
| freebsd | freebsd | 4.6 | |
| freebsd | freebsd | 4.6 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5.1 | |
| netbsd | netbsd | 1.5.2 | |
| netbsd | netbsd | 1.5.3 | |
| netbsd | netbsd | 1.6 | |
| global_technology_associates | gnat_box_firmware | 3.1 | |
| global_technology_associates | gnat_box_firmware | 3.2 | |
| global_technology_associates | gnat_box_firmware | 3.3 | |
| nec | bluefire_ix1035_router | * | |
| nec | ix1010 | * | |
| nec | ix1011 | * | |
| nec | ix1020 | * | |
| nec | ix1050 | * | |
| nec | ix2010 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66D34B-9044-4F34-B367-55967EE92FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "907622BF-3B1E-4A89-A414-60DD0559463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "308CBFAA-D513-4593-81E8-4CC025E5853C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7711EC06-B983-4E8C-AC4A-24C3A5AD64AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29E5A0BA-BC40-4D53-8A34-D9E1D88C0453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA91E2-C599-4192-8BBC-A151A1D283A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F10EA9F4-5878-4AFB-BAB6-B2C9728AF3DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*",
"matchCriteriaId": "118211EF-CED7-4EB5-9669-F54C8169D4AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*",
"matchCriteriaId": "9A405AE2-ECC4-4BB0-80DD-4736394FB217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*",
"matchCriteriaId": "52F2B17F-A169-402C-AA05-0DE5D805BAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "BD44E15F-D216-404F-8585-D278175C2A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:global_technology_associates:gnat_box_firmware:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DD478B7E-83ED-47CD-AE00-705F2255E64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:global_technology_associates:gnat_box_firmware:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AC90C735-4002-40A3-B0C8-A684A5DF99A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:global_technology_associates:gnat_box_firmware:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "236F09EF-A0B5-465D-9041-D389AB3EAA97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:bluefire_ix1035_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB64A3D-0C14-441D-8A4E-E4EF94FA7A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:ix1010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D7FB074-B218-408B-AA86-941824B1758B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:ix1011:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4FB687-87F6-47CC-95F8-EB4D4396184D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:ix1020:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98BA9566-EE28-4025-A6DC-B7F81FC41BE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:ix1050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4331351A-D97B-4874-8370-83A20E598E9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:ix2010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8AA729-DF24-4AA2-800C-1DFEF9E1EF18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors."
},
{
"lang": "es",
"value": "Implementaciones de IPSEC, incluyendo FreeS/WAN y KAME no calculan adecuadamente la longitud de los datos de autenticaci\u00f3n, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (kernel panic) mediante paquetes Encapsulating Security Payload (EPS) cortos falsificados, lo que resulta en errores de enteros sin signos."
}
],
"id": "CVE-2002-0666",
"lastModified": "2024-11-20T23:39:35.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-11-04T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6011"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}