Lucene search

[email protected]CVE-2005-4440

HistoryDec 21, 2005 - 2:03 a.m.

CVE-2005-4440

2005-12-2102:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

802.1q

vlan

network segmentation

spoofing

yersinia

double-tagging

cve-2005-4440

7.4 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.01 Low

EPSS

Percentile

83.1%

JSON

The 802.1q VLAN protocol allows remote attackers to bypass network segmentation and spoof VLAN traffic via a message with two 802.1q tags, which causes the second tag to be redirected from a downstream switch after the first tag has been stripped, as demonstrated by Yersinia, aka “double-tagging VLAN jumping attack.”

CPENameOperatorVersion
vlan_protocol:vlan_protocolvlan protocoleq802.1q

CPE	Name	Operator	Version
vlan_protocol:vlan_protocol	vlan protocol	eq	802.1q

References

lists.grok.org.uk/pipermail/full-disclosure/2005-December/040333.html

www.securityfocus.com/archive/1/419831/100/0/threaded

www.securityfocus.com/archive/1/419834/100/0/threaded

7.4 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.01 Low

EPSS

Percentile

83.1%

JSON