Vulnerability Details CVE-2006-0905
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 78.0%
CVSS Severity
CVSS v2 Score 7.5
References
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc
- http://secunia.com/advisories/19366
- http://securitytracker.com/id?1015809
- http://www.osvdb.org/24068
- http://www.securityfocus.com/bid/17191
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25398
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc
- http://secunia.com/advisories/19366
- http://securitytracker.com/id?1015809
- http://www.osvdb.org/24068
- http://www.securityfocus.com/bid/17191
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25398
Products affected by CVE-2006-0905
-
cpe:2.3:o:freebsd:freebsd:4.10
-
cpe:2.3:o:freebsd:freebsd:4.11
-
cpe:2.3:o:freebsd:freebsd:4.8
-
cpe:2.3:o:freebsd:freebsd:4.9
-
cpe:2.3:o:freebsd:freebsd:5.0
-
cpe:2.3:o:freebsd:freebsd:5.1
-
cpe:2.3:o:freebsd:freebsd:5.2
-
cpe:2.3:o:freebsd:freebsd:5.2.1
-
cpe:2.3:o:freebsd:freebsd:5.3
-
cpe:2.3:o:freebsd:freebsd:5.4
-
cpe:2.3:o:freebsd:freebsd:6.0
-
cpe:2.3:o:netbsd:netbsd:2.0
-
cpe:2.3:o:netbsd:netbsd:3.0