CVE-2006-0905

Description

A programming error in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.

Risk Information

Base Score

7.3

MODERATE

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS Score

Exploitation Probability

1.2

Associated Vulnerability

No records found

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234