CVE-2006-0905

fast_ipsec - FreeBSD 4.8-RELEASE-6.1-STABLE & NetBSD 2-3 - Info Dis...

Title source: llm

Description

A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.

References (7)

Core 7

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/24068

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1015809

Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/17191

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/19366

Vendor Advisory vendor-advisory x_refsource_netbsd

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc

Patch, Vendor Advisory vendor-advisory x_refsource_freebsd

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/25398

Scores

EPSS 0.0120

EPSS Percentile 79.2%

Details

Status published

Products (13)

freebsd/freebsd 4.8 (4 CPE variants)

freebsd/freebsd 4.9 (3 CPE variants)

freebsd/freebsd 4.10 (4 CPE variants)

freebsd/freebsd 4.11 release_p3 (3 CPE variants)

freebsd/freebsd 5.0 (4 CPE variants)

freebsd/freebsd 5.1 (5 CPE variants)

freebsd/freebsd 5.2

freebsd/freebsd 5.2.1 release (2 CPE variants)

freebsd/freebsd 5.3 (4 CPE variants)

freebsd/freebsd 5.4 pre-release (4 CPE variants)

... and 3 more

Published Mar 23, 2006

Tracked Since Feb 18, 2026