Flaw:NetBSD IPSec implementation

According to an alert from NetBSD, the KAME-based IPSec implementation included in NetBSD was missing some packet length checks, and could be tricked into passing negative value as buffer length.

By transmitting a specially formed (very short) ESP packet, a malicious sender can cause a cause kernel panic on the victim node.

For more, click here.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments