var-200512-0078
Vulnerability from variot
Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS after 12.3(2), 12.3(3)B, and 12.3(2)T and other products, allows remote attackers to cause a denial of service by sending a "spoofed neighbor announcement" with (1) mismatched k values or (2) "goodbye message" Type-Length-Value (TLV). ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. Cisco IOS Implemented in EIGRP There are several problems: 1) EIGRP Adjacent devices are notified when the routing process ends Goodbye Message There is a problem with improper handling. Intentionally created by a remote attacker Goodbye Message If is sent, adjacency with the device may be lost. 2) Authenticated EIGRP There is a flaw in the packet verification method, MD5 Contains a hash value EIGRP There is a problem that allows eavesdropping on packets and reusing their hash values. A remote attacker EIGRP HELLO If a packet is sent to the target device, the response from the target device EIGRP You may get information about your domain. Also, BID 6443 Like the problem of network bandwidth ARP It can be exhausted with requests and eventually result in an unusable network.Please refer to the “Overview” for the impact of this vulnerability. This issue allows attackers to gain access to potentially sensitive network information in EIGRP UPDATE reply packets, or to cause a denial of service condition by flooding routers with HELLO packets. By utilizing replayed HELLO packets with MD5 enabled, attackers may cause a more severe denial of service condition. The Cisco EIGRP protocol is susceptible to a remote denial of service vulnerability. This issue is possible when MD5 neighbor authentication is not in use. This issue allows attackers to cause routing relationships to be torn down, forcing them to be reestablished. The routing link will be unavailable during the time that the link is torn down, until it is reestablished. By repeating the attack, a sustained denial of network service is possible. This issue is being tracked by Cisco Bug ID CSCsc13698. Internet Operating System (IOS) is an operating system used on CISCO routers. There is a loophole in the EIGRP implementation of IOS, and attackers may use this loophole to carry out denial-of-service attacks on routers. Attackers can inject forged packets into the network outside the perimeter so that receiving hosts will believe them. Successful exploitation of this vulnerability could lead to the destruction and reconstruction of routing neighbor relationships, and repeated attacks could lead to persistent denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0078",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.4"
},
{
"model": "eigrp",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.2"
},
{
"model": "extended interior gateway routing protocol",
"scope": "eq",
"trust": 0.6,
"vendor": "extended interior gateway routing protocol",
"version": "1.2"
}
],
"sources": [
{
"db": "BID",
"id": "15970"
},
{
"db": "BID",
"id": "15978"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000748"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-465"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000748"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Konstantin V. Gavrilenko mlists@arhont.com Andrew A. Vladimirov mlists@arhont.com Paul Oxman poxman@cisco.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-465"
}
],
"trust": 0.6
},
"cve": "CVE-2005-4436",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-4436",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-15644",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-4436",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2005-4436",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-465",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-15644",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-15644"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000748"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-465"
},
{
"db": "NVD",
"id": "CVE-2005-4436"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS after 12.3(2), 12.3(3)B, and 12.3(2)T and other products, allows remote attackers to cause a denial of service by sending a \"spoofed neighbor announcement\" with (1) mismatched k values or (2) \"goodbye message\" Type-Length-Value (TLV). ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. Cisco IOS Implemented in EIGRP There are several problems: 1) EIGRP Adjacent devices are notified when the routing process ends Goodbye Message There is a problem with improper handling. Intentionally created by a remote attacker Goodbye Message If is sent, adjacency with the device may be lost. 2) Authenticated EIGRP There is a flaw in the packet verification method, MD5 Contains a hash value EIGRP There is a problem that allows eavesdropping on packets and reusing their hash values. A remote attacker EIGRP HELLO If a packet is sent to the target device, the response from the target device EIGRP You may get information about your domain. Also, BID 6443 Like the problem of network bandwidth ARP It can be exhausted with requests and eventually result in an unusable network.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. \nThis issue allows attackers to gain access to potentially sensitive network information in EIGRP UPDATE reply packets, or to cause a denial of service condition by flooding routers with HELLO packets. By utilizing replayed HELLO packets with MD5 enabled, attackers may cause a more severe denial of service condition. The Cisco EIGRP protocol is susceptible to a remote denial of service vulnerability. This issue is possible when MD5 neighbor authentication is not in use. \nThis issue allows attackers to cause routing relationships to be torn down, forcing them to be reestablished. The routing link will be unavailable during the time that the link is torn down, until it is reestablished. By repeating the attack, a sustained denial of network service is possible. \nThis issue is being tracked by Cisco Bug ID CSCsc13698. Internet Operating System (IOS) is an operating system used on CISCO routers. There is a loophole in the EIGRP implementation of IOS, and attackers may use this loophole to carry out denial-of-service attacks on routers. Attackers can inject forged packets into the network outside the perimeter so that receiving hosts will believe them. Successful exploitation of this vulnerability could lead to the destruction and reconstruction of routing neighbor relationships, and repeated attacks could lead to persistent denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4436"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000748"
},
{
"db": "BID",
"id": "15970"
},
{
"db": "BID",
"id": "15978"
},
{
"db": "VULHUB",
"id": "VHN-15644"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "15978",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2005-4436",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1015382",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2005-3008",
"trust": 1.7
},
{
"db": "BID",
"id": "15970",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000748",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200512-465",
"trust": 0.7
},
{
"db": "FULLDISC",
"id": "20051220 RE: AUTHENTICATED EIGRP DOS / INFORMATION LEAK",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20051219 UNAUTHENTICATED EIGRP DOS",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20051220 RE: UNAUTHENTICATED EIGRP DOS",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:5454",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-15644",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-15644"
},
{
"db": "BID",
"id": "15970"
},
{
"db": "BID",
"id": "15978"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000748"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-465"
},
{
"db": "NVD",
"id": "CVE-2005-4436"
}
]
},
"id": "VAR-200512-0078",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-15644"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:50:13.012000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-response-20051220-eigrp",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-response-20051220-eigrp.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000748"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4436"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/15978"
},
{
"trust": 1.7,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-december/040330.html"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015382"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2005/3008"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/419898/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5454"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2005/3008"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=full-disclosure\u0026m=113504451523186\u0026w=2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-4437"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-4436"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/15970"
},
{
"trust": 0.6,
"url": "http://www.cisco.com/en/us/products/sw/voicesw/ps4625/index.html"
},
{
"trust": 0.6,
"url": "http://www.cisco.com/public/sw-center/sw-ios.shtml"
},
{
"trust": 0.6,
"url": "/archive/1/419898"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/419898/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5454"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=full-disclosure\u0026m=113504451523186\u0026w=2"
},
{
"trust": 0.3,
"url": "/archive/1/419830"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=full-disclosure\u0026amp;m=113504451523186\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-15644"
},
{
"db": "BID",
"id": "15970"
},
{
"db": "BID",
"id": "15978"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000748"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-465"
},
{
"db": "NVD",
"id": "CVE-2005-4436"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-15644"
},
{
"db": "BID",
"id": "15970"
},
{
"db": "BID",
"id": "15978"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000748"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-465"
},
{
"db": "NVD",
"id": "CVE-2005-4436"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-12-21T00:00:00",
"db": "VULHUB",
"id": "VHN-15644"
},
{
"date": "2005-12-19T00:00:00",
"db": "BID",
"id": "15970"
},
{
"date": "2005-12-19T00:00:00",
"db": "BID",
"id": "15978"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000748"
},
{
"date": "2005-12-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-465"
},
{
"date": "2005-12-21T01:03:00",
"db": "NVD",
"id": "CVE-2005-4436"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-19T00:00:00",
"db": "VULHUB",
"id": "VHN-15644"
},
{
"date": "2005-12-19T00:00:00",
"db": "BID",
"id": "15970"
},
{
"date": "2005-12-19T00:00:00",
"db": "BID",
"id": "15978"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000748"
},
{
"date": "2009-03-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-465"
},
{
"date": "2024-11-21T00:04:15.457000",
"db": "NVD",
"id": "CVE-2005-4436"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "15970"
},
{
"db": "BID",
"id": "15978"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS of EIGRP Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000748"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "15970"
},
{
"db": "BID",
"id": "15978"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-465"
}
],
"trust": 1.2
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.