CVE - CVE-2006-3906

CVE-ID
CVE-2006-3906	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:19176 URL:http://www.securityfocus.com/bid/19176 BUGTRAQ:20060726 Cisco VPN Concentrator IKE resource exhaustion DoS Advisory URL:http://www.securityfocus.com/archive/1/441203/100/0/threaded BUGTRAQ:20060728 Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory URL:http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html CISCO:20060726 Internet Key Exchange Resource Exhaustion Attack URL:http://www.cisco.com/en/US/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.html MISC:http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html OSVDB:29068 URL:~~http://www.osvdb.org/29068~~ (Obsolete source) OVAL:oval:org.mitre.oval:def:5299 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5299 SECTRACK:1016582 URL:http://securitytracker.com/id?1016582 SREASON:1293 URL:http://securityreason.com/securityalert/1293 XF:cisco-ike-resource-exhaustion-dos(27972) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/27972
Assigning CNA
MITRE Corporation
Date Record Created
20060727	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060727)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)