Lucene search

[email protected]CVE-2006-0718

HistoryFeb 15, 2006 - 9:02 p.m.

CVE-2006-0718

2006-02-1521:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-0718

internet key exchange

avaya

vsu

ipsec

denial of service

crash

remote attackers

nvd

6.3 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

73.2%

JSON

The Internet Key Exchange version 1 (IKEv1) implementation in Avaya VSU 100, 2000, 7500, 10000, and CSU 5000, when running IPSec, allows remote attackers to cause a denial of service (crash) via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.

CPENameOperatorVersion
avaya:vsu_2000avaya vsu 2000eq3.2.40
avaya:vsu_10000avaya vsu 10000eq3.2.40
avaya:vsu_100avaya vsu 100eq3.2.40
avaya:vsu_7500avaya vsu 7500eq3.2.40
avaya:csu_5000avaya csu 5000eq3.2.40

CPE	Name	Operator	Version
avaya:vsu_2000	avaya vsu 2000	eq	3.2.40
avaya:vsu_10000	avaya vsu 10000	eq	3.2.40
avaya:vsu_100	avaya vsu 100	eq	3.2.40
avaya:vsu_7500	avaya vsu 7500	eq	3.2.40
avaya:csu_5000	avaya csu 5000	eq	3.2.40

References

secunia.com/advisories/18836

support.avaya.com/elmodocs2/security/ASA-2006-043.htm

www.kb.cert.org/vuls/id/226364

www.securityfocus.com/bid/16613

6.3 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

73.2%

JSON

Related for CVE-2006-0718

prion2 nessus8 cve15 cisco1