ID CVE-2006-1646
Summary The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in the Shoichi Sakane KAME Project racoon, as used by NetBSD 1.6, 2.x before 20060119, certain FreeBSD releases, and possibly other distributions of BSD or Linux operating systems, when running in aggressive mode, allows remote attackers to cause a denial of service (daemon crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
References
Vulnerable Configurations
  • cpe:2.3:a:internet_key_exchange:internet_key_exchange:1:*:*:*:*:*:*:*
    cpe:2.3:a:internet_key_exchange:internet_key_exchange:1:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 05-09-2008 - 21:02)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
confirm http://mail-index.netbsd.org/source-changes/2006/01/19/0017.html
misc
netbsd NetBSD-SA2006-003
secunia 19463
Last major update 05-09-2008 - 21:02
Published 06-04-2006 - 10:04
Last modified 05-09-2008 - 21:02
Back to Top