Lucene search

[email protected]CVE-2006-6265

HistoryDec 04, 2006 - 11:28 a.m.

CVE-2006-6265

2006-12-0411:28:00

[email protected]

web.nvd.nist.gov

teredo

remote attackers

inbound connection

port mapping

nat

5.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.137 Low

EPSS

Percentile

95.7%

JSON

Teredo clients, when located behind a restricted NAT, allow remote attackers to establish an inbound connection without the guessing required to find a port mapping for a traditional restricted NAT client, by (1) using the client port number contained in the Teredo address or (2) following the bubble-to-open procedure.

Affected configurations

NVD

Node

microsoftteredo

CPENameOperatorVersion
microsoft:teredomicrosoft teredoeq*

CPE	Name	Operator	Version
microsoft:teredo	microsoft teredo	eq	*

References

www.securityfocus.com/archive/1/452989/100/0/threaded

www.securityfocus.com/archive/1/452996/100/0/threaded

www.symantec.com/avcenter/reference/Teredo_Security.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/17897

5.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.137 Low

EPSS

Percentile

95.7%

JSON

Related for CVE-2006-6265

cvelist1 nvd1