CVE Vulnerabilities

CVE-2006-0905

Published: Mar 23, 2006 | Modified: Jul 20, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

A programming error in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.

Affected Software

Name Vendor Start Version End Version
Freebsd Freebsd 4.8 4.8
Freebsd Freebsd 5.4 5.4
Freebsd Freebsd 5.3 5.3
Freebsd Freebsd 5.1 5.1
Freebsd Freebsd 5.3 5.3
Freebsd Freebsd 5.1 5.1
Freebsd Freebsd 5.2.1 5.2.1
Freebsd Freebsd 5.0 5.0
Freebsd Freebsd 5.1 5.1
Freebsd Freebsd 5.0 5.0
Freebsd Freebsd 5.1 5.1
Freebsd Freebsd 4.10 4.10
Freebsd Freebsd 4.11 4.11
Freebsd Freebsd 4.10 4.10
Freebsd Freebsd 4.9 4.9
Freebsd Freebsd 5.1 5.1
Freebsd Freebsd 4.9 4.9
Freebsd Freebsd 4.8 4.8
Freebsd Freebsd 5.4 5.4
Freebsd Freebsd 5.2 5.2
Freebsd Freebsd 4.11 4.11
Freebsd Freebsd 4.10 4.10
Freebsd Freebsd 4.8 4.8
Freebsd Freebsd 5.4 5.4
Freebsd Freebsd 6.0 6.0
Freebsd Freebsd 4.10 4.10
Freebsd Freebsd 5.4 5.4
Freebsd Freebsd 5.0 5.0
Netbsd Netbsd 3.0 3.0
Freebsd Freebsd 5.2.1 5.2.1
Freebsd Freebsd 4.8 4.8
Freebsd Freebsd 5.0 5.0
Netbsd Netbsd 2.0 2.0
Freebsd Freebsd 6.0 6.0
Freebsd Freebsd 5.3 5.3
Freebsd Freebsd 4.9 4.9
Freebsd Freebsd 5.3 5.3
Freebsd Freebsd 4.11 4.11

References