FreeBSD IPsec Replay Vulnerability

FreeBSD's IPsec implementation is susceptible to remote replay attacks. This issue is due to the improper handling of sequence numbers in IPsec packets.

This issue allows remote attackers to replay IPsec traffic. The exact consequences of successful attacks depend on the nature of the traffic being replayed. This will likely affect only higher-level protocols such as UDP, since they don't provide their own anti-replay features.


Privacy Statement
Copyright 2010, SecurityFocus