Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-0905

EPSS 1.20% · P79
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-0905

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
FreeBSD IPsec反回放攻击实现漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。 FreeBSD的IPsec实现的反回放攻击服务存在漏洞,远程攻击者可能利用此漏洞。 IPsec提供了反回放攻击服务,如果启用了该服务就可以防止攻击者成功执行回放攻击。这是通过验证序列号来实现的。fast_ipsec(4)实现中存在编程错误,导致没有升级序列号相关的安全关联,允许报文无条件的通过序列号验证检查。攻击者可以拦截IPSec报文并回放。如果使用了无法提供任何报文回放防范措施的更高级别协议(如UDP),还可能有其他
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-0905

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-0905

登录查看更多情报信息。

Same Patch Batch · n/a · 2006-03-23 · 23 CVEs total

CVE-2000-1240AnyPortal(php)敏感信息泄露漏洞
CVE-2006-1359Microsoft Internet Explorer代码注入漏洞
CVE-2006-1363Justin White 'images.php'任意PHP代码执行漏洞
CVE-2006-1362Mini-Nuke CMS System 多个SQL注入漏洞
CVE-2006-1361OSWiki Username HTML注入漏洞
CVE-2006-1360MusicBox多个输入验证漏洞
CVE-2006-0999Micro Focus Novell NetWare和Novell Open Enterprise Server 安全漏洞
CVE-2006-0998Novell NetWare和Novell Open Enterprise Server 安全漏洞
CVE-2006-0997Novell NetWare和Novell Open Enterprise Server 安全漏洞
CVE-2006-0050SNMPTRAPFMT不安全临时文件创建漏洞
CVE-2003-1298AnyPortal(PHP) Siteman.PHP3 目录遍历漏洞
CVE-2005-2922RealNetworks产品多个缓冲区溢出漏洞
CVE-2006-1364Microsoft ASP.NET COM Components W3WP远程拒绝服务漏洞
CVE-2006-1283OPIE任意账户口令更改漏洞
CVE-2006-1371eXpandable主页CMS多个访问验证漏洞
CVE-2006-1370RealNetworks产品多个缓冲区溢出漏洞
CVE-2006-1369Invision Power Board PM跨站脚本攻击漏洞
CVE-2006-1368Linux内核RNDIS_Query_Response远程缓冲区溢出漏洞
CVE-2006-1367Motorola蓝牙接口访问验证漏洞
CVE-2006-1366Motorola PEBL U6 OBEX setpath缓冲区溢出漏洞

Showing top 20 of 23 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-0905

No comments yet

Leave a comment