Vulnerabilities > CVE-2006-3551 - Local Security vulnerability in Secure Client

CVSS 1.2 - LOW

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

high complexity

ncp-network-communications

NVD

Published: 2006-07-13

Updated: 2017-07-20

Summary

NCP Secure Enterprise Client (aka VPN/PKI client) 8.30 Build 59, and possibly earlier versions, when the Link Firewall and Personal Firewall are both configured to block all inbound and outbound network traffic, allows context-dependent attackers to send inbound UDP traffic with source port 67 and destination port 68, and outbound UDP traffic with source port 68 and destination port 67.

Vulnerable Configurations

Part	Description	Count
Application	Ncp_Network_Communications NCP Network Communications Secure Client *	1

References

http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047547.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/27484