CVE-2008-1335
Title: Netbsd Netbsd
Other
Proof Of Concept
No public PoC currently indexed for CVE-2008-1335.
CWE Category
NVD-CWE-noinfo
Published Date
Mar 13, 2008
Modified Date
Apr 09, 2025
Exploit Status
Not Found
Score
9.3
CVSS v2.0
Exploit Probability (EPSS)
0.41%
Vulnerability Summary
CVE-2008-1335: The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a different vulnerability than CVE-2006-0905.
Impacted Vendors
Reference Links
ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2008-002.txt.asc
http://secunia.com/advisories/29180
http://securitytracker.com/id?1019533
http://www.securityfocus.com/bid/28045
ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2008-002.txt.asc
http://secunia.com/advisories/29180
http://securitytracker.com/id?1019533
http://www.securityfocus.com/bid/28045
CVSS v2.0
Source Entity
[email protected]
Severity
HIGH
9.3
Access Vector
N/A
Authentication
N/A
RAW VECTOR
AV:N/AC:M/Au:N/C:C/I:C/A:C
Associated Attack Patterns (CAPEC)
Total: PatternsNo specific attack patterns mapped.
Likelihood
Severity
Page /
CVE-2008-1335 Exploits & PoCs (Proof Of Concept)
No public PoCs found in our database for this CVE.
MODIFIED
Vulnerability data or affected products updated.
PUBLISHED
Vulnerability first announced in NVD.
Attack Vector Matrix
Access Vector
N/A
Complexity
N/A
Privileges
N/A
Interaction
NONE
CVSS Vector String
AV:N/AC:M/Au:N/C:C/I:C/A:C
Affected Stack
No specific products linked.