Vulnerabilities

CVE-2006-0905

by Fred · 23/03/2006

A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.

Date published : 2006-03-23

http://www.securityfocus.com/bid/17191

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc

Similar

Tags: Cybersecurity Alert