Vulnerability Description
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| FreeBSD | FreeBSD | 4.8 |
| NetBSD | NetBSD | 2.0 |
References
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc (Patch, Vendor Advisory)
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc
- http://secunia.com/advisories/19366 (Patch, Vendor Advisory)
- http://securitytracker.com/id?1015809
- http://www.osvdb.org/24068
- http://www.securityfocus.com/bid/17191 (Patch)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25398
FAQ
What is CVE-2006-0905?
CVE-2006-0905 is a vulnerability with a CVSS score of 7.5 (HIGH). A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows p...
How severe is CVE-2006-0905?
CVE-2006-0905 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2006-0905?
Check the references section above for vendor advisories and patch information. Affected products include: FreeBSD FreeBSD, NetBSD NetBSD.