Vulnerability Description
Microsoft ISA Server 2004 allows remote attackers to bypass certain filtering rules, including ones for (1) ICMP and (2) TCP, via IPv6 packets. NOTE: An established researcher has disputed this issue, saying that "Neither ISA Server 2004 nor Windows 2003 Basic Firewall support IPv6 filtering ... This is different network protocol.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Isa Server | 2004 |
References
- http://www.securityfocus.com/archive/1/429816/100/0/threaded
- http://www.securityfocus.com/archive/1/429846/100/0/threaded
- http://www.securityfocus.com/archive/1/430281/100/0/threaded
- http://www.securityfocus.com/archive/1/430684/100/0/threaded
- http://www.securityfocus.com/archive/1/429816/100/0/threaded
- http://www.securityfocus.com/archive/1/429846/100/0/threaded
- http://www.securityfocus.com/archive/1/430281/100/0/threaded
- http://www.securityfocus.com/archive/1/430684/100/0/threaded
FAQ
What is CVE-2006-1651?
CVE-2006-1651 is a vulnerability with a CVSS score of 7.5 (HIGH). Microsoft ISA Server 2004 allows remote attackers to bypass certain filtering rules, including ones for (1) ICMP and (2) TCP, via IPv6 packets. NOTE: An established researcher has disputed this issue...
How severe is CVE-2006-1651?
CVE-2006-1651 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1651?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Isa Server.