CVE-2006-0905

2006-03-2300:00:00

ubuntu.com

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

88.3%

JSON

A “programming error” in fast_ipsec in FreeBSD 4.8-RELEASE through
6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence
number associated with a Security Association, which allows packets to pass
sequence number checks and allows remote attackers to capture IPSec packets
and conduct replay attacks.

OSVersionArchitecturePackageVersionFilename
ubuntu6.10noarchkfreebsd-5< 5.4-17UNKNOWN
ubuntu7.04noarchkfreebsd-5< 5.4-17UNKNOWN
ubuntu7.10noarchkfreebsd-5< 5.4-17UNKNOWN
ubuntu8.04noarchkfreebsd-5< 5.4-17UNKNOWN
ubuntu8.10noarchkfreebsd-5< 5.4-17UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.10	noarch	kfreebsd-5	< 5.4-17	UNKNOWN
ubuntu	7.04	noarch	kfreebsd-5	< 5.4-17	UNKNOWN
ubuntu	7.10	noarch	kfreebsd-5	< 5.4-17	UNKNOWN
ubuntu	8.04	noarch	kfreebsd-5	< 5.4-17	UNKNOWN
ubuntu	8.10	noarch	kfreebsd-5	< 5.4-17	UNKNOWN