NVD Vulnerability Detail

CVE-2006-0905

Summary	A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.
Publication Date	March 23, 2006, 8:06 p.m.
Registration Date	Jan. 29, 2021, 3:32 p.m.
Last Update	July 20, 2017, 10:30 a.m.

CVSS2.0 : HIGH
Score	7.5
Vector	AV:N/AC:L/Au:N/C:P/I:P/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	はい
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:freebsd:freebsd:4.8:::::::*
cpe:2.3:o:freebsd:freebsd:4.8:pre-release::::::
cpe:2.3:o:freebsd:freebsd:4.8:release_p7::::::
cpe:2.3:o:freebsd:freebsd:4.8:releng::::::
cpe:2.3:o:freebsd:freebsd:4.9:::::::*
cpe:2.3:o:freebsd:freebsd:4.9:pre-release::::::
cpe:2.3:o:freebsd:freebsd:4.9:releng::::::
cpe:2.3:o:freebsd:freebsd:4.10:::::::*
cpe:2.3:o:freebsd:freebsd:4.10:release::::::
cpe:2.3:o:freebsd:freebsd:4.10:release_p8::::::
cpe:2.3:o:freebsd:freebsd:4.10:releng::::::
cpe:2.3:o:freebsd:freebsd:4.11:release_p3::::::
cpe:2.3:o:freebsd:freebsd:4.11:releng::::::
cpe:2.3:o:freebsd:freebsd:4.11:stable::::::
cpe:2.3:o:freebsd:freebsd:5.0:::::::*
cpe:2.3:o:freebsd:freebsd:5.0:alpha::::::
cpe:2.3:o:freebsd:freebsd:5.0:release_p14::::::
cpe:2.3:o:freebsd:freebsd:5.0:releng::::::
cpe:2.3:o:freebsd:freebsd:5.1:::::::*
cpe:2.3:o:freebsd:freebsd:5.1:alpha::::::
cpe:2.3:o:freebsd:freebsd:5.1:release::::::
cpe:2.3:o:freebsd:freebsd:5.1:release_p5::::::
cpe:2.3:o:freebsd:freebsd:5.1:releng::::::
cpe:2.3:o:freebsd:freebsd:5.2:::::::*
cpe:2.3:o:freebsd:freebsd:5.2.1:release::::::
cpe:2.3:o:freebsd:freebsd:5.2.1:releng::::::
cpe:2.3:o:freebsd:freebsd:5.3:::::::*
cpe:2.3:o:freebsd:freebsd:5.3:release::::::
cpe:2.3:o:freebsd:freebsd:5.3:releng::::::
cpe:2.3:o:freebsd:freebsd:5.3:stable::::::
cpe:2.3:o:freebsd:freebsd:5.4:pre-release::::::
cpe:2.3:o:freebsd:freebsd:5.4:release::::::
cpe:2.3:o:freebsd:freebsd:5.4:releng::::::
cpe:2.3:o:freebsd:freebsd:5.4:stable::::::
cpe:2.3:o:freebsd:freebsd:6.0:release::::::
cpe:2.3:o:freebsd:freebsd:6.0:stable::::::
cpe:2.3:o:netbsd:netbsd:2.0:::::::*
cpe:2.3:o:netbsd:netbsd:3.0:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc	FREEBSD	Patch Vendor Advisory
2	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc	NETBSD
3	http://secunia.com/advisories/19366	SECUNIA	Patch Vendor Advisory
4	http://securitytracker.com/id?1015809	SECTRACK
5	http://www.osvdb.org/24068	OSVDB
6	http://www.securityfocus.com/bid/17191	BID	Patch
7	https://exchange.xforce.ibmcloud.com/vulnerabilities/25398	XF

Common Vulnerabilities List

JVN Vulnerability Information

FreeBSD および NetBSD の fast_ipsec における IPSec パケットをキャプチャされる脆弱性

Title	FreeBSD および NetBSD の fast_ipsec における IPSec パケットをキャプチャされる脆弱性
Summary	FreeBSD および NetBSD の fast_ipsec の "プログラミングエラー" には、IPSec パケットをキャプチャされる、およびリプレイ攻撃を実行される脆弱性が存在します。
Possible impacts	第三者により、IPSec パケットをキャプチャされる、およびリプレイ攻撃を実行される可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	March 23, 2006, midnight
Registration Date	Dec. 26, 2013, 3:44 p.m.
Last Update	Dec. 26, 2013, 3:44 p.m.

Affected System

FreeBSD

FreeBSD 4.8-RELEASE から 6.1-STABLE

NetBSD

NetBSD 2 から 3

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2006-0905	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0905
National Vulnerability Database (NVD)
2	CVE-2006-0905	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0905

ベンダー情報

No	Name	URL
関連リンク
1	17191	http://www.securityfocus.com/bid/17191
2	19366	http://secunia.com/advisories/19366
3	FreeBSD-SA-06:11.ipsec.asc	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc

Change Log

No	Changed Details	Date of change
0	[2013年12月26日] 掲載	Feb. 17, 2018, 10:37 a.m.

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:freebsd:freebsd:4.8:::::::*
cpe:2.3:o:freebsd:freebsd:4.8:pre-release::::::
cpe:2.3:o:freebsd:freebsd:4.8:release_p7::::::
cpe:2.3:o:freebsd:freebsd:4.8:releng::::::
cpe:2.3:o:freebsd:freebsd:4.9:::::::*
cpe:2.3:o:freebsd:freebsd:4.9:pre-release::::::
cpe:2.3:o:freebsd:freebsd:4.9:releng::::::
cpe:2.3:o:freebsd:freebsd:4.10:::::::*
cpe:2.3:o:freebsd:freebsd:4.10:release::::::
cpe:2.3:o:freebsd:freebsd:4.10:release_p8::::::
cpe:2.3:o:freebsd:freebsd:4.10:releng::::::
cpe:2.3:o:freebsd:freebsd:4.11:release_p3::::::
cpe:2.3:o:freebsd:freebsd:4.11:releng::::::
cpe:2.3:o:freebsd:freebsd:4.11:stable::::::
cpe:2.3:o:freebsd:freebsd:5.0:::::::*
cpe:2.3:o:freebsd:freebsd:5.0:alpha::::::
cpe:2.3:o:freebsd:freebsd:5.0:release_p14::::::
cpe:2.3:o:freebsd:freebsd:5.0:releng::::::
cpe:2.3:o:freebsd:freebsd:5.1:::::::*
cpe:2.3:o:freebsd:freebsd:5.1:alpha::::::
cpe:2.3:o:freebsd:freebsd:5.1:release::::::
cpe:2.3:o:freebsd:freebsd:5.1:release_p5::::::
cpe:2.3:o:freebsd:freebsd:5.1:releng::::::
cpe:2.3:o:freebsd:freebsd:5.2:::::::*
cpe:2.3:o:freebsd:freebsd:5.2.1:release::::::
cpe:2.3:o:freebsd:freebsd:5.2.1:releng::::::
cpe:2.3:o:freebsd:freebsd:5.3:::::::*
cpe:2.3:o:freebsd:freebsd:5.3:release::::::
cpe:2.3:o:freebsd:freebsd:5.3:releng::::::
cpe:2.3:o:freebsd:freebsd:5.3:stable::::::
cpe:2.3:o:freebsd:freebsd:5.4:pre-release::::::
cpe:2.3:o:freebsd:freebsd:5.4:release::::::
cpe:2.3:o:freebsd:freebsd:5.4:releng::::::
cpe:2.3:o:freebsd:freebsd:5.4:stable::::::
cpe:2.3:o:freebsd:freebsd:6.0:release::::::
cpe:2.3:o:freebsd:freebsd:6.0:stable::::::
cpe:2.3:o:netbsd:netbsd:2.0:::::::*
cpe:2.3:o:netbsd:netbsd:3.0:::::::*