Vulnerability CVE-2006-7155
Published: 2007-03-07   Modified: 2012-02-12

Description:
Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the same source IP and port number during the same day, which allows remote attackers to conduct denial of service and replay attacks. NOTE: this issue might be related to CVE-2006-5286.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Novell -> Bordermanager 

 References:
http://secunia.com/advisories/22699
https://secure-support.novell.com/KanisaPlatform/Publishing/201/3003139_f.SAL_Public.html
http://xforce.iss.net/xforce/xfdb/30218
http://www.vupen.com/english/advisories/2006/4471
http://www.securityfocus.com/bid/21014
http://www.osvdb.org/30338
http://www.attrition.org/pipermail/vim/2007-March/001410.html
http://securitytracker.com/id?1017213
Copyright 2024, cxsecurity.com

 

Back to Top