IPSec Sequence Number Vulnerability in FreeBSD and NetBSD
CVE-2006-0905

Currently unrated

Key Information:

Vendor: FreeBSD
Status: FreeBSD; Netbsd
Vendor: CVE Published:; 23 March 2006

What is CVE-2006-0905?

A flaw in the Fast_IPSec implementation within FreeBSD and NetBSD allows for improper validation of sequence numbers in Security Associations. This weakness enables remote attackers to bypass sequence number checks and capture sensitive IPSec packets, potentially leading to replay attacks that compromise the integrity and confidentiality of communications.

References

http://www.osvdb.org/24068

vdb-entryx_refsource_OSVDB

http://securitytracker.com/id?1015809

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/17191

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Mar 23, 2006
Vulnerability Reserved
Feb 28, 2006