Lucene search

[email protected]CVE-2002-2208

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-2208

2002-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

eigrp

cisco ios

vulnerability

denial of service

flood

spoofing

arp storm

nvd

cve-2002-2208

6.8 Medium

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.118 Low

EPSS

Percentile

95.2%

JSON

Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.

CPENameOperatorVersion
extended_interior_gateway_routing_protocol:extended_interior_gateway_routing_protocolextended interior gateway routing protocoleq1.2
cisco:ioscisco ioseq11.3
cisco:ioscisco ioseq12.1
cisco:ioscisco ioseq12.2
cisco:ioscisco ioseq12.0

CPE	Name	Operator	Version
extended_interior_gateway_routing_protocol:extended_interior_gateway_routing_protocol	extended interior gateway routing protocol	eq	1.2
cisco:ios	cisco ios	eq	11.3
cisco:ios	cisco ios	eq	12.1
cisco:ios	cisco ios	eq	12.2
cisco:ios	cisco ios	eq	12.0

References

lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html

marc.info/?l=full-disclosure&m=113504451523186&w=2

secunia.com/advisories/7766

securitytracker.com/id?1005840

www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html

www.cisco.com/warp/public/707/eigrp_issue.pdf

www.osvdb.org/18055

www.securityfocus.com/archive/1/304034

www.securityfocus.com/archive/1/304044

www.securityfocus.com/archive/1/419898/100/0/threaded

www.securityfocus.com/bid/6443

exchange.xforce.ibmcloud.com/vulnerabilities/10903

6.8 Medium

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.118 Low

EPSS

Percentile

95.2%

JSON

Related for CVE-2002-2208

nessus1