[原文]Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.
A remote overflow exists in OpenBSD. The system fails to validate AH IPv4 options resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service or possibly execute arbitrary code resulting in a loss of integrity, and/or availability.
Currently, there are no known workarounds or upgrades to correct this issue. However, OpenBSD has released a patch to address this vulnerability.