Apple Computer Inc. Information for VU#459371

Multiple IPsec implementations do not adequately validate authentication data



Vendor Statement

Vulnerable systems:

    Mac OS X 10.2
    Mac OS X Server 10.2

Fixed in:
    Mac OS X 10.2.1
    Mac OS X Server 10.2.1

Software updates are available from the "Software Update" pane in System Preferences or from the Apple Software Downloads site:
    Mac OS X Server Update 10.2.1

    Vendor Information

    The vendor has not provided us with any further information regarding this vulnerability.

    Vendor References



    The CERT/CC has no additional comments at this time.

    If you have feedback, comments, or additional information about this vulnerability, please send us email.