A programming error in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Freebsd | Freebsd | 4.8 | 4.8 |
Freebsd | Freebsd | 5.4 | 5.4 |
Freebsd | Freebsd | 5.3 | 5.3 |
Freebsd | Freebsd | 5.1 | 5.1 |
Freebsd | Freebsd | 5.3 | 5.3 |
Freebsd | Freebsd | 5.1 | 5.1 |
Freebsd | Freebsd | 5.2.1 | 5.2.1 |
Freebsd | Freebsd | 5.0 | 5.0 |
Freebsd | Freebsd | 5.1 | 5.1 |
Freebsd | Freebsd | 5.0 | 5.0 |
Freebsd | Freebsd | 5.1 | 5.1 |
Freebsd | Freebsd | 4.10 | 4.10 |
Freebsd | Freebsd | 4.11 | 4.11 |
Freebsd | Freebsd | 4.10 | 4.10 |
Freebsd | Freebsd | 4.9 | 4.9 |
Freebsd | Freebsd | 5.1 | 5.1 |
Freebsd | Freebsd | 4.9 | 4.9 |
Freebsd | Freebsd | 4.8 | 4.8 |
Freebsd | Freebsd | 5.4 | 5.4 |
Freebsd | Freebsd | 5.2 | 5.2 |
Freebsd | Freebsd | 4.11 | 4.11 |
Freebsd | Freebsd | 4.10 | 4.10 |
Freebsd | Freebsd | 4.8 | 4.8 |
Freebsd | Freebsd | 5.4 | 5.4 |
Freebsd | Freebsd | 6.0 | 6.0 |
Freebsd | Freebsd | 4.10 | 4.10 |
Freebsd | Freebsd | 5.4 | 5.4 |
Freebsd | Freebsd | 5.0 | 5.0 |
Netbsd | Netbsd | 3.0 | 3.0 |
Freebsd | Freebsd | 5.2.1 | 5.2.1 |
Freebsd | Freebsd | 4.8 | 4.8 |
Freebsd | Freebsd | 5.0 | 5.0 |
Netbsd | Netbsd | 2.0 | 2.0 |
Freebsd | Freebsd | 6.0 | 6.0 |
Freebsd | Freebsd | 5.3 | 5.3 |
Freebsd | Freebsd | 4.9 | 4.9 |
Freebsd | Freebsd | 5.3 | 5.3 |
Freebsd | Freebsd | 4.11 | 4.11 |