CVE-2006-4436 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-4436
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4436

Description: isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the replay protection.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/28645 ST 1016757 SAID Secunia Advisory: SA21652 Secunia Advisory: SA21905 OSVDB 28194 OPENBSD http://www.openbsd.org/errata.html#isakmpd http://www.openbsd.org/errata38.html#isakmpd DEBIAN http://www.debian.org/security/2006/dsa-1175 BID 19712

Return to the previous page.