CVE-2005-4437
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
High
0.044 Low
EPSS
Percentile
92.4%
MD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS 11.3 and later, does not include the Message Authentication Code (MAC) in the checksum, which allows remote attackers to sniff message hashes and (1) replay EIGRP HELLO messages or (2) cause a denial of service by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.
Affected configurations
References
lists.grok.org.uk/pipermail/full-disclosure/2005-December/040332.html
marc.info/?l=full-disclosure&m=113504451523186&w=2
securityreason.com/securityalert/274
securitytracker.com/id?1015382
www.securityfocus.com/archive/1/419830/100/0/threaded
www.securityfocus.com/archive/1/419898/100/0/threaded
www.securityfocus.com/bid/15970
www.vupen.com/english/advisories/2005/3008
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5741
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
High
0.044 Low
EPSS
Percentile
92.4%