IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2002-10-25T04:00:00

Updated: 2024-08-08T02:56:38.381Z

Reserved: 2002-07-08T00:00:00

Link: CVE-2002-0666

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2002-11-04T05:00:00.000

Modified: 2024-11-20T23:39:35.740

Link: CVE-2002-0666

cve-icon Redhat

No data.