CVE-2002-0414

Published: Aug 12, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets.

Affected (9)

Products: Freebsd: Freebsd · Netbsd: Netbsd · Openbsd: Openbsd

1 product

1 product

1 product

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Freebsd Freebsd	Version 4.2
Freebsd Freebsd	Version 4.3
Freebsd Freebsd	Version 4.4
Freebsd Freebsd	Version 4.5
Netbsd Netbsd	Version 1.5.1
Netbsd Netbsd	Version 1.5.2
Netbsd Netbsd	Version 1.5
Openbsd Openbsd	Version 2.6
Openbsd Openbsd	Version 2.7

References (12)

http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0057.html

Source: cve@mitre.org

http://orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG

Source: cve@mitre.org

http://www.iss.net/security_center/static/8416.php

Source: cve@mitre.org

PatchVendor Advisory

http://www.osvdb.org/5304

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/259598

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/4224

Source: cve@mitre.org

PatchVendor Advisory

http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0057.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.iss.net/security_center/static/8416.php

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.osvdb.org/5304

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/259598

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/4224

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.