CVE-2006-4983 - Cisco NAC allows quarantined devices to communicate over the network with (1) DNS, (2) DHCP, and (3)

CVE-2006-4983

Summary

Cisco NAC allows quarantined devices to communicate over the network with (1) DNS, (2) DHCP, and (3) EAPoUDP, which allows attackers to bypass control methods by tunneling network traffic through one of these protocols.

References

http://www.insightix.com/files/pdf/Bypassing_NAC_Solutions_Whitepaper.pdf
http://www.osvdb.org/30977
http://www.securityfocus.com/archive/1/446421/100/0/threaded

Vulnerable Configurations

cpe:2.3:o:cisco:network_access_control:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:network_access_control:*:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 17-10-2018 - 21:40)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bugtraq	20060919 White paper release: Bypassing network access control (NAC) systems
misc	http://www.insightix.com/files/pdf/Bypassing_NAC_Solutions_Whitepaper.pdf
osvdb	30977

Last major update

17-10-2018 - 21:40

Published

26-09-2006 - 02:07

Last modified

17-10-2018 - 21:40