isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote malicious users to replay IPSec packets and bypass the replay protection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbsd openbsd 3.8 |
||
openbsd openbsd 3.9 |