Vulnerability Description
The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a different vulnerability than CVE-2006-0905.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netbsd | Netbsd | 2.0 |
| Netbsd | Netbsd Current | <= 20071027 |
References
- ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2008-002.txt.asc
- http://secunia.com/advisories/29180
- http://securitytracker.com/id?1019533
- http://www.securityfocus.com/bid/28045
- ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2008-002.txt.asc
- http://secunia.com/advisories/29180
- http://securitytracker.com/id?1019533
- http://www.securityfocus.com/bid/28045
FAQ
What is CVE-2008-1335?
CVE-2008-1335 is a vulnerability with a CVSS score of 9.3 (HIGH). The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by ...
How severe is CVE-2008-1335?
CVE-2008-1335 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1335?
Check the references section above for vendor advisories and patch information. Affected products include: Netbsd Netbsd, Netbsd Netbsd Current.