CVE-2002-0666
FreeS/WAN and KAME - Denial of Service via Spoofed ESP Packet Length Miscount
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
References (6)
Core References
Vendor Advisory vendor-advisory
x_refsource_bindview
http://razor.bindview.com/publish/advisories/adv_ipsec.html
Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/10411.php
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6011
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2002/dsa-201
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/459371
Vendor Advisory vendor-advisory
x_refsource_netbsd
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc
Scores
EPSS
0.0074
EPSS Percentile
73.2%
Details
Status
published
Products (24)
apple/mac_os_x
10.2
apple/mac_os_x_server
10.2
freebsd/freebsd
4.6 (3 CPE variants)
frees_wan/frees_wan
1.9
frees_wan/frees_wan
1.9.1
frees_wan/frees_wan
1.9.2
frees_wan/frees_wan
1.9.3
frees_wan/frees_wan
1.9.4
frees_wan/frees_wan
1.9.5
frees_wan/frees_wan
1.9.6
... and 14 more
Published
Nov 04, 2002
Tracked Since
Feb 18, 2026