CVE-2006-7155
Summary
| CVE | CVE-2006-7155 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-03-07 20:19:00 UTC |
| Updated | 2017-07-29 01:29:00 UTC |
| Description | Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the same source IP and port number during the same day, which allows remote attackers to conduct denial of service and replay attacks. NOTE: this issue might be related to CVE-2006-5286. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Novell | Bordermanager | 3.8 | sp4 | All | All |
| Application | Novell | Bordermanager | 3.8 | sp4 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| BorderManager 3.8 generates predictable ISAKMP cookies | CONFIRM | secure-support.novell.com | |
| SecurityTracker.com Archives - Novell BorderManager Predictable ISAKMP Cookies May Let Remote Users Conduct Denial of Service and Replay Attacks | SECTRACK | securitytracker.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Novell BorderManager ISAKMP Predictable Cookie Security Issue - Advisories - Secunia | SECUNIA | secunia.com | Patch, Vendor Advisory |
| [VIM] Novell BorderManager ISAKMP issue smells like a dupe | VIM | www.attrition.org | |
| Novell BorderManager ISAKMP Predictable Cookie Vulnerability | BID | www.securityfocus.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| 30338 | OSVDB | www.osvdb.org | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.