Details of VAR-200607-0467

ID

VAR-200607-0467

CVE

CVE-2006-3906

TITLE

Cisco IOS/PIX Firewall of IKE Vulnerabilities that consume large amounts of resources

Trust: 0.8

sources: JVNDB: JVNDB-2006-000459

DESCRIPTION

Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected. Cisco IOS , PIX Firewall Implement IKE version 1 The protocol has a new IKE After receiving a session request, a new one again before the session expires IKE If you receive a request repeatedly, IKE A vulnerability exists that consumes excessive resources to establish a session.By legitimate users IKE SA ( Security Association ) May be disrupted. Cisco Internet Key Exchange (IKE) is prone to a denial-of-service vulnerability that affects devices implementing IKE 1. The issue is caused by resource exhaustion when handling a high rate of IKE requests. An attacker can exploit this issue through continuous attacks to deplete available resources. This will cause the device to deny future connections and to block current connections that are re-keyed. Cisco VPN 3000 Series Hubs allow secure, encrypted access to VPN networks. Cisco VPN 3000 has a problem when processing a large number of IKE session request packets. Remote attackers may use this vulnerability to perform denial of service attacks on the device. If an attacker can initiate new IKE sessions faster than they can expire in the queue, it is possible to exhaust the IKE resources on the remote VPN hub. Tests have shown that the target hub is affected if the sending rate reaches 2 packets per second, and becomes unusable if it reaches 10 packets per second. Main Mode messages are a minimum of 112 bytes, so 10 messages per second equates to approximately 9,000 bits per second. If this speed is reached, the attacker's packets will fill the hub queue, making it impossible to process valid IKE requests. Since the vulnerability occurs before the authentication stage, no valid credentials are required for the attack

Trust: 1.98

sources: NVD: CVE-2006-3906 // JVNDB: JVNDB-2006-000459 // BID: 19176 // VULHUB: VHN-20014

AFFECTED PRODUCTS

vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30002.5.2	Trust: 1.5
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1	Trust: 1.1
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0	Trust: 1.1
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.0	Trust: 1.1
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3	Trust: 1.1
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2	Trust: 1.1
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.0	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.5.2.a	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.5	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(4\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.0.3.a	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.1	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.1.4	Trust: 1.0
vendor:	cisco	model:	vpn 3015 concentrator	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.0\(3\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.0\(4\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.1.5\(104\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.1\(4\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	4.2\(1\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.3\(5\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.2\(9\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	4.2\(5\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.0\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.1.4	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.5.2.f	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.1.7.a	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.7.a	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.2\(3.100\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	4.4\(4\)	Trust: 1.0
vendor:	cisco	model:	vpn 3001 concentrator	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	4.1\(6b\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.1	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.7.d	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.3	Trust: 1.0
vendor:	cisco	model:	vpn 3030 concentator	scope:	eq	version:	4.7.1.f	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.0	Trust: 1.0
vendor:	cisco	model:	vpn 3080 concentrator	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	pix firewall 506	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.2\(7\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.3\(3.102\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.0	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.2\(2\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.5.2.b	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.0	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.3\(1.200\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.3\(2\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.1.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.0\(4.101\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.7.1	Trust: 1.0
vendor:	cisco	model:	vpn 3030 concentator	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.2	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	2.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.4.3	Trust: 1.0
vendor:	cisco	model:	vpn 3030 concentator	scope:	eq	version:	4.7.2.a	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	4.4\(8\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	4.2\(2\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.2\(2\)	Trust: 1.0
vendor:	cisco	model:	pix firewall 515e	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.3\(3\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.1.5.b	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.2\(1\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.7.c	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	4.3	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.2\(5\)	Trust: 1.0
vendor:	cisco	model:	vpn 3030 concentator	scope:	eq	version:	4.7.2	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.3\(1\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.1.7.l	Trust: 1.0
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3.5_\(112\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.2	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.0\(1\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.3\(1\)	Trust: 1.0
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2.2_.111	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1\(2\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.0.3.b	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.2\(3.210\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.7.2	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.0.4	Trust: 1.0
vendor:	cisco	model:	vpn 3005 concentrator software	scope:	eq	version:	4.0.1	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.5.2.c	Trust: 1.0
vendor:	cisco	model:	pix asa ids	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.1.1	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.7d	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.3\(2\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.1	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.1\(3\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	3.1	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.7	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.5.4	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.3\(3.109\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.3	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	4.4	Trust: 1.0
vendor:	cisco	model:	pix firewall 525	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3.3_\(133\)	Trust: 1.0
vendor:	cisco	model:	vpn 3060 concentrator	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.1\(rel\)	Trust: 1.0
vendor:	cisco	model:	pix firewall 535	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.5.2	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.7.b	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	4.4\(7.202\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.0.1	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.2\(6\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	4.2	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.2\(1\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.1\(1\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.3\(3\)	Trust: 1.0
vendor:	cisco	model:	vpn 3020 concentrator	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(5\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.1\(2\)	Trust: 1.0
vendor:	cisco	model:	pix firewall 515	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	vpn 3030 concentator	scope:	eq	version:	4.7.1	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.7.f	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.7.1.f	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	4.1\(6\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.0	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.5.2.d	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.1\(5\)	Trust: 1.0
vendor:	cisco	model:	vpn 3030 concentator	scope:	eq	version:	4.7\(rel\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	3.0	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	5.1\(4.206\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.5\(rel\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	4.0	Trust: 1.0
vendor:	cisco	model:	vpn 3030 concentator	scope:	eq	version:	4.7.2.f	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.7	Trust: 1.0
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2.3_\(110\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.7\(rel\)	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.1\(4\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.7.2.a	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.0.2	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.1.7.b	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.7.2.f	Trust: 1.0
vendor:	cisco	model:	pix firewall software	scope:	eq	version:	6.2\(3\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.5.3	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.1	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.5.1	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.5.5	Trust: 1.0
vendor:	cisco	model:	pix firewall 501	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.0.5.b	Trust: 1.0
vendor:	cisco	model:	pix firewall 520	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	secure pix firewall	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.0	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	12.1	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	12.2	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	12.3	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	12.4	Trust: 0.8
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.1	Trust: 0.8
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2	Trust: 0.8
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.1	Trust: 0.6
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.0.3	Trust: 0.6
vendor:	cisco	model:	ios	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.5.3	Trust: 0.3
vendor:	cisco	model:	gigabit switch router del	scope:	eq	version:	6.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30004.0.x	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.2(7)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3(3)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.0.4	Trust: 0.3
vendor:	cisco	model:	vpn concentrator l	scope:	eq	version:	30304.1.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator 4.1.7.a	scope:	eq	version:	3000	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	eq	version:	30304.7.1	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.1	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5350	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.5.4	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3.5(112)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	eq	version:	30154.7.2	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30004.0.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator rel	scope:	eq	version:	30604.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	eq	version:	30804.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.5	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30004.7	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3.2	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	520	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30054.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30054.0.1	Trust: 0.3
vendor:	cisco	model:	secure pix firewall	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	4.2(5)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.1.2	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3(3.109)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30204.7	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.1(4.206)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30004.0	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.2	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30804.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30603.5.2	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1(3)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5010	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0(5)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator .b	scope:	eq	version:	30004.0.5	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	eq	version:	30054.7.2	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	4.4(8)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	3060	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.0(4)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.2(6)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	3020	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	eq	version:	30204.7.2	Trust: 0.3
vendor:	cisco	model:	pix firewall 515e	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.1.4	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.2(9)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1(5)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.6	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1(4)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30154.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.0	Trust: 0.3
vendor:	cisco	model:	vpn concentrator a	scope:	eq	version:	30804.7.2	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30304.7.1	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	4.1.6	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1(1)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.1.4	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30004.1.x	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	eq	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	515	Trust: 0.3
vendor:	cisco	model:	pix firewall b	scope:	eq	version:	4.1.6	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	4.0	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30604.7.2	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	eq	version:	30054.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30154.7.2	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1(2)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.3	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	eq	version:	30304.7.2	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2(1)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator l	scope:	eq	version:	30204.1.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator rel	scope:	eq	version:	30304.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30002.0	Trust: 0.3
vendor:	cisco	model:	vpn concentrator l	scope:	eq	version:	30804.1.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	eq	version:	30004.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.6.7	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2(3)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5060	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	3030	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.0(4.101)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	eq	version:	30204.7.1	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	4.2.2	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	4.3	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30154.7	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2(2)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2.2	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2.3(110)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator .b	scope:	eq	version:	30004.1.5	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	eq	version:	30604.7.1	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.2(3.210)	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	4.2	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2(3.100)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1.3	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30054.7.2	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	3.1	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1.5	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0.1.4	Trust: 0.3
vendor:	cisco	model:	vpn concentrator 4.1.7.b	scope:	eq	version:	3000	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2.3	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.0	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3(5)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.1(2)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30053.6.5	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.0.3	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.5.2	Trust: 0.3
vendor:	cisco	model:	vpn concentrator a	scope:	eq	version:	30604.7.2	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	4.4	Trust: 0.3
vendor:	cisco	model:	vpn concentrator a	scope:	eq	version:	30154.7.2	Trust: 0.3
vendor:	cisco	model:	vpn concentrator rel	scope:	eq	version:	30804.7	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.0.4	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator b	scope:	eq	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	3080	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30804.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30010	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.3(1.200)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.5.1	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1.4	Trust: 0.3
vendor:	cisco	model:	vpn concentrator l	scope:	eq	version:	30054.1.7	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	3.0	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30604.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30204.7.1	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.1.5(104)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30304.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	eq	version:	30154.7.1	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	525	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator a	scope:	eq	version:	30054.7.2	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30604.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator d	scope:	eq	version:	30003.6.7	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3.3(133)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	eq	version:	30804.7.2	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30053.6.3	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5256.3	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.0(1)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator a	scope:	eq	version:	30204.7.2	Trust: 0.3
vendor:	cisco	model:	vpn concentrator rel	scope:	eq	version:	30054.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30204.7.2	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.2(2)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	4.4(7.202)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator rel	scope:	eq	version:	30204.7	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	2.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	3015	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.6.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator rel	scope:	eq	version:	30154.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator a	scope:	eq	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	4.4(4)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.1.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30054.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator l	scope:	eq	version:	30154.1.7	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.2(1)	Trust: 0.3
vendor:	cisco	model:	pix/asa ids	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.3(3)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator a	scope:	eq	version:	30304.7.2	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30054.0	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30304.7.2	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.2(5)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3(3.102)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.3(2)	Trust: 0.3
vendor:	cisco	model:	vpn concentrator c	scope:	eq	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30304.0.2	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0.4.3	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30004.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator d	scope:	eq	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.2.2.111	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.5.5	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.3(1)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	6.0(2)	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5.3(1)	Trust: 0.3

sources: BID: 19176 // JVNDB: JVNDB-2006-000459 // CNNVD: CNNVD-200607-486 // NVD: CVE-2006-3906

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-3906
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2006-3906
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200607-486
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-20014
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2006-3906
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-20014
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-20014 // JVNDB: JVNDB-2006-000459 // CNNVD: CNNVD-200607-486 // NVD: CVE-2006-3906

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-3906

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200607-486

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200607-486

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-000459

PATCH

title:	cisco-sr-20060726-ike	url:	http://www.cisco.com/warp/public/707/cisco-sr-20060726-ike.shtml	Trust: 0.8
title:	cisco-sr-20060726-ike	url:	http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sr-20060726-ike-j.shtml	Trust: 0.8

sources: JVNDB: JVNDB-2006-000459

EXTERNAL IDS

db:	BID	id:	19176	Trust: 2.8
db:	NVD	id:	CVE-2006-3906	Trust: 2.8
db:	SREASON	id:	1293	Trust: 1.7
db:	OSVDB	id:	29068	Trust: 1.7
db:	SECTRACK	id:	1016582	Trust: 1.7
db:	XF	id:	27972	Trust: 1.4
db:	JVNDB	id:	JVNDB-2006-000459	Trust: 0.8
db:	BUGTRAQ	id:	20060728 RE: CISCO VPN CONCENTRATOR IKE RESOURCE EXHAUSTION DOS ADVISORY	Trust: 0.6
db:	BUGTRAQ	id:	20060726 CISCO VPN CONCENTRATOR IKE RESOURCE EXHAUSTION DOS ADVISORY	Trust: 0.6
db:	MISC	id:	HTTP://WWW.NTA-MONITOR.COM/POSTS/2006/07/CISCO-CONCENTRATOR-DOS.HTML	Trust: 0.6
db:	OVAL	id:	OVAL:ORG.MITRE.OVAL:DEF:5299	Trust: 0.6
db:	CISCO	id:	20060726 INTERNET KEY EXCHANGE RESOURCE EXHAUSTION ATTACK	Trust: 0.6
db:	CNNVD	id:	CNNVD-200607-486	Trust: 0.6
db:	VULHUB	id:	VHN-20014	Trust: 0.1

sources: VULHUB: VHN-20014 // BID: 19176 // JVNDB: JVNDB-2006-000459 // CNNVD: CNNVD-200607-486 // NVD: CVE-2006-3906

REFERENCES

url:	http://www.securityfocus.com/bid/19176	Trust: 2.5
url:	http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html	Trust: 2.0
url:	http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html	Trust: 1.7
url:	http://www.cisco.com/en/us/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.html	Trust: 1.7
url:	http://www.osvdb.org/29068	Trust: 1.7
url:	http://securitytracker.com/id?1016582	Trust: 1.7
url:	http://securityreason.com/securityalert/1293	Trust: 1.7
url:	http://xforce.iss.net/xforce/xfdb/27972	Trust: 1.4
url:	http://www.securityfocus.com/archive/1/441203/100/0/threaded	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5299	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/27972	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3906	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-3906	Trust: 0.8
url:	http://www.securityfocus.com/archive/1/archive/1/441203/100/0/threaded	Trust: 0.6
url:	http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5299	Trust: 0.6
url:	http://www.cisco.com/en/us/products/sw/iosswrel/ps5207/products_feature_guide09186a0080229125.html	Trust: 0.3
url:	http://www.cisco.com/warp/public/707/cisco-sr-20060726-ike.shtml	Trust: 0.3
url:	/archive/1/441203	Trust: 0.3

sources: VULHUB: VHN-20014 // BID: 19176 // JVNDB: JVNDB-2006-000459 // CNNVD: CNNVD-200607-486 // NVD: CVE-2006-3906

CREDITS

Roy Hills Roy.Hills@nta-monitor.com

Trust: 0.6

sources: CNNVD: CNNVD-200607-486

SOURCES

db:	VULHUB	id:	VHN-20014
db:	BID	id:	19176
db:	JVNDB	id:	JVNDB-2006-000459
db:	CNNVD	id:	CNNVD-200607-486
db:	NVD	id:	CVE-2006-3906

LAST UPDATE DATE

2024-08-14T14:59:11.868000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-20014	date:	2018-10-30T00:00:00
db:	BID	id:	19176	date:	2008-07-28T22:37:00
db:	JVNDB	id:	JVNDB-2006-000459	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200607-486	date:	2009-03-04T00:00:00
db:	NVD	id:	CVE-2006-3906	date:	2024-07-02T12:57:11.177

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-20014	date:	2006-07-27T00:00:00
db:	BID	id:	19176	date:	2006-07-26T00:00:00
db:	JVNDB	id:	JVNDB-2006-000459	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200607-486	date:	2006-07-27T00:00:00
db:	NVD	id:	CVE-2006-3906	date:	2006-07-27T22:04:00