Lucene search
HistoryAug 29, 2006 - 12:04 a.m.
CVE-2006-4436
isakmpd
openbsd
replay window
ipsec
replay attacks
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.6 Medium
AI Score
Confidence
Low
0.221 Low
EPSS
Percentile
96.5%
isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the replay protection.
Affected configurations
Node
openbsdopenbsdMatch3.8
ORopenbsdopenbsdMatch3.9
| CPE | Name | Operator | Version |
|---|---|---|---|
| openbsd:openbsd | openbsd | eq | 3.8 |
| openbsd:openbsd | openbsd | eq | 3.9 |
References
Related
openvas
openvas
Debian: Security Advisory (DSA-1175-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1175-1 (isakmpd)
2008-01-17 00:00:00
debiancve
debiancve
CVE-2006-4436
2006-08-29 00:04:00
cvelist
cvelist
CVE-2006-4436
2006-08-29 00:00:00
nessus
nessus
Debian DSA-1175-1 : isakmpd - programming error
2006-10-14 00:00:00
nvd
nvd
CVE-2006-4436
2006-08-29 00:04:00
debian
debian
[SECURITY] [DSA 1175-1] New isakmpd packages fix replay protection bypass
2006-09-13 15:03:56
ubuntucve
ubuntucve
CVE-2006-4436
2006-08-29 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.6 Medium
AI Score
Confidence
Low
0.221 Low
EPSS
Percentile
96.5%
Related for CVE-2006-4436