Published: 29/08/2006 Updated: 20/07/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote malicious users to replay IPSec packets and bypass the replay protection.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openbsd openbsd 3.8
openbsd openbsd 3.9

Debian Bug report logs - #385894 CVE-2006-4436: replay protection bypass vulnerability in isakmpd Package: isakmpd; Maintainer for isakmpd is Debian QA Group <packages@qadebianorg>; Source for isakmpd is src:isakmpd (PTS, buildd, popcon) Reported by: Stefan Fritsch <sf@sfritschde> Date: Sun, 3 Sep 2006 20:33:15 U ...

A flaw has been found in isakmpd, OpenBSD's implementation of the Internet Key Exchange protocol, that caused Security Associations to be created with a replay window of 0 when isakmpd was acting as the responder during SA negotiation This could allow an attacker to re-inject sniffed IPsec packets, which would not be checked against the replay cou ...

NVD-CWE-Other http://www.openbsd.org/errata38.html#isakmpd http://www.openbsd.org/errata.html#isakmpd http://www.securityfocus.com/bid/19712 http://securitytracker.com/id?1016757 http://secunia.com/advisories/21652 http://www.osvdb.org/28194 http://www.debian.org/security/2006/dsa-1175 http://secunia.com/advisories/21905 https://exchange.xforce.ibmcloud.com/vulnerabilities/28645 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=385894 https://www.debian.org/security/./dsa-1175 https://nvd.nist.gov

CVE-2006-4436

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect