CVE-2006-0905
CVE-2006-0905 is a vulnerability of currently unknown severity. A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks. EPSS estimates a 1.80% chance of exploitation in the next 30 days.
Description
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| FreeBSD | FreeBSD | 4.8 | — |
| FreeBSD | FreeBSD | 4.9 | — |
| FreeBSD | FreeBSD | 4.10 | — |
| FreeBSD | FreeBSD | 4.11 | Release P3 |
| FreeBSD | FreeBSD | 5.0 | — |
| FreeBSD | FreeBSD | 5.1 | — |
| FreeBSD | FreeBSD | 5.2 | — |
| FreeBSD | FreeBSD | 5.2.1 | Release |
| FreeBSD | FreeBSD | 5.3 | — |
| FreeBSD | FreeBSD | 5.4 | Pre-Release |
| FreeBSD | FreeBSD | 6.0 | Release |
| NetBSD | NetBSD | 2.0 | — |
| NetBSD | NetBSD | 3.0 | — |
References
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc (Patch, Vendor Advisory)
- http://secunia.com/advisories/19366 (Patch, Vendor Advisory)
Timeline
- Published
- Last Modified
- Status: Modified
Source: NVD / NIST
