CVE-2008-1335

The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a different vulnerability than CVE-2006-0905.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 53%
VendorProductVersion
netbsdnetbsd
2.0
netbsdnetbsd
2.0.1
netbsdnetbsd
2.0.2
netbsdnetbsd
2.0.3
netbsdnetbsd
2.0.4
netbsdnetbsd
2.1
netbsdnetbsd
2.1.1
netbsdnetbsd
3.0
netbsdnetbsd
3.0.1
netbsdnetbsd
3.0.2
netbsdnetbsd
3.1
netbsdnetbsd
3.1:rc1
netbsdnetbsd
3.1:rc3
netbsdnetbsd_current
𝑥
≤ 20071027
𝑥
= Vulnerable software versions
References
ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2008-002.txt.asc
http://secunia.com/advisories/29180
http://securitytracker.com/id?1019533
http://www.securityfocus.com/bid/28045
ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2008-002.txt.asc
http://secunia.com/advisories/29180
http://securitytracker.com/id?1019533
http://www.securityfocus.com/bid/28045