CVE-2006-4436

Source
https://cve.org/CVERecord?id=CVE-2006-4436
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2006-4436.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2006-4436
Downstream
Withdrawn
2024-06-30T15:57:06.407641Z
Published
2006-08-29T00:04:00Z
Modified
2024-06-04T04:00:19Z
Summary
[none]
Details

isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the replay protection.

References

Affected packages

Debian:10 / isakmpd

Package

Name
isakmpd
Purl
pkg:deb/debian/isakmpd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
20041012-4

Ecosystem specific

{
    "urgency": "medium"
}

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2006-4436.json"