Lucene search

[email protected]CVE-2006-3551

HistoryJul 13, 2006 - 12:05 a.m.

CVE-2006-3551

2006-07-1300:05:00

[email protected]

web.nvd.nist.gov

ncp secure

enterprise client

vpn

pki client

network security

udp traffic

vulnerability

7 High

AI Score

Confidence

Low

1.2 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:H/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

12.6%

JSON

NCP Secure Enterprise Client (aka VPN/PKI client) 8.30 Build 59, and possibly earlier versions, when the Link Firewall and Personal Firewall are both configured to block all inbound and outbound network traffic, allows context-dependent attackers to send inbound UDP traffic with source port 67 and destination port 68, and outbound UDP traffic with source port 68 and destination port 67.

Affected configurations

NVD

Node

ncp_network_communicationssecure_clientRange≤8.30_build_59

CPENameOperatorVersion
ncp_network_communications:secure_clientncp network communications secure clientle8.30_build_59

CPE	Name	Operator	Version
ncp_network_communications:secure_client	ncp network communications secure client	le	8.30_build_59

References

lists.grok.org.uk/pipermail/full-disclosure/2006-June/047547.html

exchange.xforce.ibmcloud.com/vulnerabilities/27484

7 High

AI Score

Confidence

Low

1.2 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:H/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for CVE-2006-3551

nvd1 cvelist1