Vulnerabilities > CVE-2006-6265 - Remote Security vulnerability in Teredo

CVSS 5.8 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

low complexity

microsoft

NVD

Published: 2006-12-04

Updated: 2018-10-17

Summary

Teredo clients, when located behind a restricted NAT, allow remote attackers to establish an inbound connection without the guessing required to find a port mapping for a traditional restricted NAT client, by (1) using the client port number contained in the Teredo address or (2) following the bubble-to-open procedure.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Teredo *	1

References

http://www.securityfocus.com/archive/1/452989/100/0/threaded
http://www.securityfocus.com/archive/1/452996/100/0/threaded
http://www.symantec.com/avcenter/reference/Teredo_Security.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17897