CVE-2006-6264

{"id": "CVE-2006-6264", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-12-04T11:28:00.000", "references": [{"url": "http://www.securityfocus.com/archive/1/452989/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/452996/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.symantec.com/avcenter/reference/Teredo_Security.pdf", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Teredo creates trusted peer entries for arbitrary incoming source Teredo addresses, even if the low 32 bits represent an intranet address, which might allow remote attackers to send IPv4 traffic to intranet hosts that use non-RFC1918 addresses, bypassing IPv4 ingress filtering."}, {"lang": "es", "value": "Teredo crea entradas de pares de confianza (trusted peer entries) para direcciones Teredo de origen entrantes arbitrarias, lo cual permite a atacantes remotos enviar tr\u00e1fico IPv4 a m\u00e1quinas de la intranet que usan direcciones que no cumplen la RFC1918, evitando el filtro de ingreso de IPv4."}], "lastModified": "2018-10-17T21:47:31.110", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:teredo:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8944C7E5-8579-4905-8256-613D1E242B7B"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}