{"api_version":"1","generated_at":"2026-04-23T01:12:00+00:00","cve":"CVE-2006-7155","urls":{"html":"https://cve.report/CVE-2006-7155","api":"https://cve.report/api/cve/CVE-2006-7155.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2006-7155","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2006-7155"},"summary":{"title":"CVE-2006-7155","description":"Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the same source IP and port number during the same day, which allows remote attackers to conduct denial of service and replay attacks. NOTE: this issue might be related to CVE-2006-5286.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-03-07 20:19:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://secunia.com/advisories/22699","name":"http://secunia.com/advisories/22699","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Novell BorderManager ISAKMP Predictable Cookie Security Issue - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2006/4471","name":"http://www.vupen.com/english/advisories/2006/4471","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.attrition.org/pipermail/vim/2007-March/001410.html","name":"http://www.attrition.org/pipermail/vim/2007-March/001410.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"[VIM] Novell BorderManager ISAKMP issue smells like a dupe","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30218","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30218","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.osvdb.org/30338","name":"http://www.osvdb.org/30338","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.securityfocus.com/bid/21014","name":"http://www.securityfocus.com/bid/21014","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Novell BorderManager ISAKMP Predictable Cookie Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://secure-support.novell.com/KanisaPlatform/Publishing/201/3003139_f.SAL_Public.html","name":"https://secure-support.novell.com/KanisaPlatform/Publishing/201/3003139_f.SAL_Public.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"BorderManager 3.8 generates predictable ISAKMP cookies","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://securitytracker.com/id?1017213","name":"http://securitytracker.com/id?1017213","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - Novell BorderManager Predictable ISAKMP Cookies May Let Remote Users Conduct Denial of Service and Replay Attacks","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2006-7155","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-7155","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2006","cve_id":"7155","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"novell","cpe5":"bordermanager","cpe6":"3.8","cpe7":"sp4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T20:57:39.284Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"20070303 Novell BorderManager ISAKMP issue smells like a dupe","tags":["mailing-list","x_refsource_VIM","x_transferred"],"url":"http://www.attrition.org/pipermail/vim/2007-March/001410.html"},{"name":"novell-bordermanager-isakmp-security-bypass(30218)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30218"},{"name":"21014","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/21014"},{"name":"22699","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/22699"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://secure-support.novell.com/KanisaPlatform/Publishing/201/3003139_f.SAL_Public.html"},{"name":"30338","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/30338"},{"name":"ADV-2006-4471","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/4471"},{"name":"1017213","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1017213"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2006-11-10T00:00:00.000Z","descriptions":[{"lang":"en","value":"Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the same source IP and port number during the same day, which allows remote attackers to conduct denial of service and replay attacks. NOTE: this issue might be related to CVE-2006-5286."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-28T12:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"20070303 Novell BorderManager ISAKMP issue smells like a dupe","tags":["mailing-list","x_refsource_VIM"],"url":"http://www.attrition.org/pipermail/vim/2007-March/001410.html"},{"name":"novell-bordermanager-isakmp-security-bypass(30218)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30218"},{"name":"21014","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/21014"},{"name":"22699","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/22699"},{"tags":["x_refsource_CONFIRM"],"url":"https://secure-support.novell.com/KanisaPlatform/Publishing/201/3003139_f.SAL_Public.html"},{"name":"30338","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/30338"},{"name":"ADV-2006-4471","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/4471"},{"name":"1017213","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1017213"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2006-7155","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the same source IP and port number during the same day, which allows remote attackers to conduct denial of service and replay attacks. NOTE: this issue might be related to CVE-2006-5286."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20070303 Novell BorderManager ISAKMP issue smells like a dupe","refsource":"VIM","url":"http://www.attrition.org/pipermail/vim/2007-March/001410.html"},{"name":"novell-bordermanager-isakmp-security-bypass(30218)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30218"},{"name":"21014","refsource":"BID","url":"http://www.securityfocus.com/bid/21014"},{"name":"22699","refsource":"SECUNIA","url":"http://secunia.com/advisories/22699"},{"name":"https://secure-support.novell.com/KanisaPlatform/Publishing/201/3003139_f.SAL_Public.html","refsource":"CONFIRM","url":"https://secure-support.novell.com/KanisaPlatform/Publishing/201/3003139_f.SAL_Public.html"},{"name":"30338","refsource":"OSVDB","url":"http://www.osvdb.org/30338"},{"name":"ADV-2006-4471","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/4471"},{"name":"1017213","refsource":"SECTRACK","url":"http://securitytracker.com/id?1017213"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2006-7155","datePublished":"2007-03-07T20:00:00.000Z","dateReserved":"2007-03-07T00:00:00.000Z","dateUpdated":"2024-08-07T20:57:39.284Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-03-07 20:19:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:novell:bordermanager:3.8:sp4:*:*:*:*:*:*","matchCriteriaId":"726CF8C6-6C28-4C19-B2C2-88E0B01FEEC1"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2006","CveId":"7155","Ordinal":"1","Title":"CVE-2006-7155","CVE":"CVE-2006-7155","Year":"2006"},"notes":[{"CveYear":"2006","CveId":"7155","Ordinal":"1","NoteData":"Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the same source IP and port number during the same day, which allows remote attackers to conduct denial of service and replay attacks. NOTE: this issue might be related to CVE-2006-5286.","Type":"Description","Title":"CVE-2006-7155"},{"CveYear":"2006","CveId":"7155","Ordinal":"2","NoteData":"2007-03-07","Type":"Other","Title":"Published"},{"CveYear":"2006","CveId":"7155","Ordinal":"3","NoteData":"2017-07-28","Type":"Other","Title":"Modified"}]}}}