VYPR
Unrated severityNVD Advisory· Published Dec 31, 2006· Updated Jun 16, 2026

CVE-2006-6858

CVE-2006-6858

Description

Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote attackers to impersonate an arbitrary Teredo client.

Affected products

5
  • Miredo/Miredo5 versions
    cpe:2.3:a:miredo:miredo:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:miredo:miredo:*:*:*:*:*:*:*:*range: <=1.0.5
    • cpe:2.3:a:miredo:miredo:0.9.8:*:*:*:*:*:*:*
    • cpe:2.3:a:miredo:miredo:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:miredo:miredo:1.0.4:*:*:*:*:*:*:*
    • (no CPE)range: >=0.9.8, <=1.0.5

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.