CVE-2002-0666 : Detail

CVE-2002-0666

5.87%V3
Network
2002-10-25
02h00 +00:00
2005-05-31
22h00 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.

CVE Informations

Metrics

Metrics Score Severity CVSS Vector Source
V2 5 AV:N/AC:L/Au:N/C:N/I:N/A:P [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Products Mentioned

Configuraton 0

Frees_wan>>Frees_wan >> Version 1.9

    Frees_wan>>Frees_wan >> Version 1.9.1

      Frees_wan>>Frees_wan >> Version 1.9.2

        Frees_wan>>Frees_wan >> Version 1.9.3

          Frees_wan>>Frees_wan >> Version 1.9.4

            Frees_wan>>Frees_wan >> Version 1.9.5

              Frees_wan>>Frees_wan >> Version 1.9.6

                Configuraton 0

                Apple>>Mac_os_x >> Version 10.2

                Apple>>Mac_os_x_server >> Version 10.2

                Freebsd>>Freebsd >> Version 4.6

                Freebsd>>Freebsd >> Version 4.6

                  Freebsd>>Freebsd >> Version 4.6

                    Netbsd>>Netbsd >> Version 1.5

                    Netbsd>>Netbsd >> Version 1.5

                      Netbsd>>Netbsd >> Version 1.5

                        Netbsd>>Netbsd >> Version 1.5.1

                        Netbsd>>Netbsd >> Version 1.5.2

                        Netbsd>>Netbsd >> Version 1.5.3

                        Netbsd>>Netbsd >> Version 1.6

                        Configuraton 0

                        Global_technology_associates>>Gnat_box_firmware >> Version 3.1

                          Global_technology_associates>>Gnat_box_firmware >> Version 3.2

                            Global_technology_associates>>Gnat_box_firmware >> Version 3.3

                              Nec>>Bluefire_ix1035_router >> Version *

                              Nec>>Ix1010 >> Version *

                              Nec>>Ix1011 >> Version *

                              Nec>>Ix1020 >> Version *

                              Nec>>Ix1050 >> Version *

                              Nec>>Ix2010 >> Version *

                              References

                              http://razor.bindview.com/publish/advisories/adv_ipsec.html
                              Tags : vendor-advisory, x_refsource_BINDVIEW
                              http://www.securityfocus.com/bid/6011
                              Tags : vdb-entry, x_refsource_BID
                              http://www.debian.org/security/2002/dsa-201
                              Tags : vendor-advisory, x_refsource_DEBIAN
                              http://www.kb.cert.org/vuls/id/459371
                              Tags : third-party-advisory, x_refsource_CERT-VN