Vulnerabilities > CVE-2001-0284 - Denial-Of-Service vulnerability in OpenBSD

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

openbsd

critical

NVD

Published: 2001-05-03

Updated: 2008-09-10

Summary

Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.

Vulnerable Configurations

Part	Description	Count
OS	Openbsd Openbsd Openbsd - Openbsd Openbsd 2.0 Openbsd Openbsd 2.1 Openbsd Openbsd 2.2 Openbsd Openbsd 2.3 Openbsd Openbsd 2.4 Openbsd Openbsd 2.5 Openbsd Openbsd 2.6 Openbsd Openbsd 2.7 Openbsd Openbsd 2.8	10

References

http://www.openbsd.org/errata.html#ipsec_ah
http://www.osvdb.org/6026