The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a different vulnerability than CVE-2006-0905.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Netbsd | Netbsd | 2.0.4 | 2.0.4 |
Netbsd | Netbsd | 2.1 | 2.1 |
Netbsd | Netbsd | 3.1 | 3.1 |
Netbsd | Netbsd | 2.0.2 | 2.0.2 |
Netbsd | Netbsd | 3.0.1 | 3.0.1 |
Netbsd_current | Netbsd | * | 20071027 |
Netbsd | Netbsd | 2.0.3 | 2.0.3 |
Netbsd | Netbsd | 3.0.2 | 3.0.2 |
Netbsd | Netbsd | 2.1.1 | 2.1.1 |
Netbsd | Netbsd | 2.0.1 | 2.0.1 |
Netbsd | Netbsd | 3.1 | 3.1 |
Netbsd | Netbsd | 3.0 | 3.0 |
Netbsd | Netbsd | 2.0 | 2.0 |
Netbsd | Netbsd | 3.1 | 3.1 |