Lucene search

[email protected]CVE-2005-4436

HistoryDec 21, 2005 - 1:03 a.m.

CVE-2005-4436

2005-12-2101:03:00

[email protected]

web.nvd.nist.gov

cve-2005-4436

eigrp

cisco ios

denial of service

spoofing

security vulnerability

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.1 High

AI Score

Confidence

High

0.047 Low

EPSS

Percentile

92.7%

JSON

Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS after 12.3(2), 12.3(3)B, and 12.3(2)T and other products, allows remote attackers to cause a denial of service by sending a “spoofed neighbor announcement” with (1) mismatched k values or (2) “goodbye message” Type-Length-Value (TLV).

Affected configurations

NVD

Node

extended_interior_gateway_routing_protocolextended_interior_gateway_routing_protocolMatch1.2

References

lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html

marc.info/?l=full-disclosure&m=113504451523186&w=2

securitytracker.com/id?1015382

www.securityfocus.com/archive/1/419898/100/0/threaded

www.securityfocus.com/bid/15978

www.vupen.com/english/advisories/2005/3008

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5454

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.1 High

AI Score

Confidence

High

0.047 Low

EPSS

Percentile

92.7%

JSON

Related for CVE-2005-4436

cvelist1 nvd1