Apple's Mac OS X IPSec implementation does not properly filter certain types of IP traffic.
Apple Mac OS X contains an implementation of the IP Security Protocol (IPSec). A vulnerability in this implementation may allow a remote attacker to exchange traffic with a host that should not be reachable. For further details, please see Apple Security Update Article ID 61798.
A remote attacker may be able to bypass IPSec ACLs and reach a system that should not be reachable.
Apply a patch.
The CERT/CC thanks Apple for providing Apple Security Update Article ID 61798 upon which this document is based.
This document was written by Ian A Finlay.
|Date First Published:||2003-05-19|
|Date Last Updated:||2003-05-19 17:34 UTC|