5

CVE-2006-3906

EPSS 4.28%
Published 27.07.2006 22:04:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected.

Affected products Warnungen 0 Metrics 2 CWE 0 References 13

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Ios

Cisco ≫ Vpn 3001 Concentrator

Cisco ≫ Vpn 3015 Concentrator

Cisco ≫ Vpn 3020 Concentrator

Cisco ≫ Vpn 3030 Concentator

Cisco ≫ Vpn 3060 Concentrator

Cisco ≫ Vpn 3080 Concentrator

Cisco ≫ Adaptive Security Appliance Software Version7.0

Cisco ≫ Adaptive Security Appliance Software Version7.0.1.4

Cisco ≫ Adaptive Security Appliance Software Version7.0.4.3

Cisco ≫ Vpn 3000 Concentrator Series Software Version2.0

Cisco ≫ Vpn 3000 Concentrator Series Software Version2.5.2.a

Cisco ≫ Vpn 3000 Concentrator Series Software Version2.5.2.b

Cisco ≫ Vpn 3000 Concentrator Series Software Version2.5.2.c

Cisco ≫ Vpn 3000 Concentrator Series Software Version2.5.2.d

Cisco ≫ Vpn 3000 Concentrator Series Software Version2.5.2.f

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.0

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.0.3.a

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.0.3.b

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.0.4

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.1

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.1.1

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.1.2

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.1.4

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.5.1

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.5.2

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.5.3

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.5.4

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.5.5

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.1

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.3

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.5

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.7

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.7.a

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.7.b

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.7.c

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.7.d

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.7.f

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.7d

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.0

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.0.1

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.0.2

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.0.5.b

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.1

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.1.5.b

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.1.7.a

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.1.7.b

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.1.7.l

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.7

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.7.1

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.7.1.f

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.7.2

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.7.2.a

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.7.2.f

Cisco ≫ Vpn 3005 Concentrator Software Version4.0.1

Cisco ≫ Vpn 3030 Concentator Version4.7.1

Cisco ≫ Vpn 3030 Concentator Version4.7.1.f

Cisco ≫ Vpn 3030 Concentator Version4.7.2

Cisco ≫ Vpn 3030 Concentator Version4.7.2.a

Cisco ≫ Vpn 3030 Concentator Version4.7.2.f

Cisco ≫ Pix Asa Ids

Cisco ≫ Pix Firewall Version6.2.2_.111

Cisco ≫ Pix Firewall 501

Cisco ≫ Pix Firewall 506

Cisco ≫ Pix Firewall 515

Cisco ≫ Pix Firewall 515e

Cisco ≫ Pix Firewall 520

Cisco ≫ Pix Firewall 525

Cisco ≫ Pix Firewall 535

Cisco ≫ Secure Pix Firewall

Cisco ≫ Pix Firewall Software Version2.7

Cisco ≫ Pix Firewall Software Version3.0

Cisco ≫ Pix Firewall Software Version3.1

Cisco ≫ Pix Firewall Software Version4.0

Cisco ≫ Pix Firewall Software Version4.2

Cisco ≫ Pix Firewall Software Version4.3

Cisco ≫ Pix Firewall Software Version4.4

Cisco ≫ Pix Firewall Software Version5.0

Cisco ≫ Pix Firewall Software Version5.1

Cisco ≫ Pix Firewall Software Version5.2

Cisco ≫ Pix Firewall Software Version5.3

Cisco ≫ Pix Firewall Software Version6.0

Cisco ≫ Pix Firewall Software Version6.1

Cisco ≫ Pix Firewall Software Version6.2

Cisco ≫ Pix Firewall Software Version6.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	4.28%	0.884

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html

http://securityreason.com/securityalert/1293

http://securitytracker.com/id?1016582

http://www.cisco.com/en/US/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.html

http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html

http://www.osvdb.org/29068

http://www.securityfocus.com/archive/1/441203/100/0/threaded

http://www.securityfocus.com/bid/19176

https://exchange.xforce.ibmcloud.com/vulnerabilities/27972

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5299

https://nvd.nist.gov/vuln/detail/CVE-2006-3906

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-3906

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-3906

EUVD