CVE-2006-4436 Information

Description

isakmpd in OpenBSD 3.8 3.9 and possibly earlier versions creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation which allows remote attackers to replay IPSec packets and bypass the replay protection.

Reference

http://secunia.com/advisories/21652 http://secunia.com/advisories/21905 http://securitytracker.com/id?1016757 http://www.debian.org/security/2006/dsa-1175 http://www.openbsd.org/errata.htmlisakmpd http://www.openbsd.org/errata38.htmlisakmpd http://www.osvdb.org/28194 http://www.securityfocus.com/bid/19712 https://exchange.xforce.ibmcloud.com/vulnerabilities/28645