9.3
CVE-2008-1335
- EPSS 0.3%
- Published 13.03.2008 18:44:00
- Last modified 09.04.2025 00:30:58
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a different vulnerability than CVE-2006-0905.
Data is provided by the National Vulnerability Database (NVD)
Netbsd ≫ Netbsd Current Version <= 20071027
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.3% | 0.505 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|