CVE-2002-0414

2003-04-0205:00:00

mitre

www.cve.org

6.5 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

75.1%

JSON

KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets.

References

archives.neohapsis.com/archives/vulnwatch/2002-q1/0057.html

orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG

www.iss.net/security_center/static/8416.php

www.osvdb.org/5304

www.securityfocus.com/archive/1/259598

www.securityfocus.com/bid/4224