5

CVE-2006-4436

isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the replay protection.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenbsdOpenbsd Version3.8
OpenbsdOpenbsd Version3.9
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.74% 0.747
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/21652
Patch
Vendor Advisory
http://secunia.com/advisories/21905
http://securitytracker.com/id?1016757
Patch
http://www.debian.org/security/2006/dsa-1175
http://www.openbsd.org/errata.html#isakmpd
http://www.openbsd.org/errata38.html#isakmpd
http://www.osvdb.org/28194
http://www.securityfocus.com/bid/19712
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/28645