CVE-2006-0905

Publication date 23 March 2006

Last updated 17 July 2025

Ubuntu priority

A “programming error” in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
kfreebsd-5	9.10 karmic	Not in release
	9.04 jaunty	Not in release
	8.10 intrepid	Fixed 5.4-17
	8.04 LTS hardy	Fixed 5.4-17
	7.10 gutsy	Fixed 5.4-17
	7.04 feisty	Fixed 5.4-17
	6.10 edgy	Fixed 5.4-17
	6.06 LTS dapper	Ignored end of life

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2006-0905