7.5

CVE-2002-0414

KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FreebsdFreebsd Version4.2
FreebsdFreebsd Version4.3
FreebsdFreebsd Version4.4
FreebsdFreebsd Version4.5
NetbsdNetbsd Version1.5
NetbsdNetbsd Version1.5.1
NetbsdNetbsd Version1.5.2
OpenbsdOpenbsd Version2.6
OpenbsdOpenbsd Version2.7
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.4% 0.69
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0057.html
http://orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG
http://www.iss.net/security_center/static/8416.php
Patch
Vendor Advisory
http://www.osvdb.org/5304
http://www.securityfocus.com/archive/1/259598
Vendor Advisory
http://www.securityfocus.com/bid/4224
Patch
Vendor Advisory