Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2006-0905
HistoryMar 23, 2006 - 11:06 a.m.

CVE-2006-0905

2006-03-2311:06:00
[email protected]
web.nvd.nist.gov
19
programming error
fast_ipsec
freebsd
netbsd
sequence number
ipsec
replay attack
cve-2006-0905

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.4 Medium

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.3%

JSON

A “programming error” in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.

Affected configurations

NVD
Node
freebsdfreebsdMatch4.8
OR
freebsdfreebsdMatch4.8pre-release
OR
freebsdfreebsdMatch4.8release_p7
OR
freebsdfreebsdMatch4.8releng
OR
freebsdfreebsdMatch4.9
OR
freebsdfreebsdMatch4.9pre-release
OR
freebsdfreebsdMatch4.9releng
OR
freebsdfreebsdMatch4.10
OR
freebsdfreebsdMatch4.10release
OR
freebsdfreebsdMatch4.10release_p8
OR
freebsdfreebsdMatch4.10releng
OR
freebsdfreebsdMatch4.11release_p3
OR
freebsdfreebsdMatch4.11releng
OR
freebsdfreebsdMatch4.11stable
OR
freebsdfreebsdMatch5.0
OR
freebsdfreebsdMatch5.0alpha
OR
freebsdfreebsdMatch5.0release_p14
OR
freebsdfreebsdMatch5.0releng
OR
freebsdfreebsdMatch5.1
OR
freebsdfreebsdMatch5.1alpha
OR
freebsdfreebsdMatch5.1release
OR
freebsdfreebsdMatch5.1release_p5
OR
freebsdfreebsdMatch5.1releng
OR
freebsdfreebsdMatch5.2
OR
freebsdfreebsdMatch5.2.1release
OR
freebsdfreebsdMatch5.2.1releng
OR
freebsdfreebsdMatch5.3
OR
freebsdfreebsdMatch5.3release
OR
freebsdfreebsdMatch5.3releng
OR
freebsdfreebsdMatch5.3stable
OR
freebsdfreebsdMatch5.4pre-release
OR
freebsdfreebsdMatch5.4release
OR
freebsdfreebsdMatch5.4releng
OR
freebsdfreebsdMatch5.4stable
OR
freebsdfreebsdMatch6.0release
OR
freebsdfreebsdMatch6.0stable
OR
netbsdnetbsdMatch2.0
OR
netbsdnetbsdMatch3.0

Related

cvelist 2
openvas 2
freebsd_advisory 1
nvd 2
securityvulns 1
ubuntucve 1
freebsd 1
prion 2
cve 1
cvelist
cvelist
CVE-2006-0905
2006-03-23 11:00:00
CVE-2008-1335
2008-03-13 18:00:00
openvas
openvas
FreeBSD Security Advisory (FreeBSD-SA-06:11.ipsec.asc)
2008-09-04 00:00:00
FreeBSD Security Advisory (FreeBSD-SA-06:11.ipsec.asc)
2008-09-04 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-06:11.ipsec
2006-03-22 00:00:00
nvd
nvd
CVE-2006-0905
2006-03-23 11:06:00
CVE-2008-1335
2008-03-13 18:44:00
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-06:11.ipsec
2006-03-22 00:00:00
ubuntucve
ubuntucve
CVE-2006-0905
2006-03-23 00:00:00
freebsd
freebsd
ipsec -- reply attack vulnerability
2006-03-22 00:00:00
prion
prion
Code injection
2006-03-23 11:06:00
Design/Logic Flaw
2008-03-13 18:44:00
cve
cve
CVE-2008-1335
2008-03-13 18:44:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.4 Medium

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.3%

JSON
Related for CVE-2006-0905
cvelist2openvas2freebsd_advisory1nvd2securityvulns1ubuntucve1freebsd1prion2cve1