Lucene search

[email protected]CVE-2006-4650

HistorySep 09, 2006 - 12:04 a.m.

CVE-2006-4650

2006-09-0900:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cisco

ios

gre

ip tunneling

vulnerability

cve-2006-4650

rfc2784

integer overflow

remote attackers

routing queue

acls

7.2 High

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.093 Low

EPSS

Percentile

94.6%

JSON

Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers to inject crafted packets into the routing queue, possibly bypassing intended router ACLs.

CPENameOperatorVersion
cisco:ioscisco ioseq12.1
cisco:ioscisco ioseq12.2
cisco:ioscisco ioseq12.0

CPE	Name	Operator	Version
cisco:ios	cisco ios	eq	12.1
cisco:ios	cisco ios	eq	12.2
cisco:ios	cisco ios	eq	12.0

References

secunia.com/advisories/21783

securityreason.com/securityalert/1526

securitytracker.com/id?1016799

www.cisco.com/en/US/tech/tk827/tk369/tsd_technology_security_response09186a008072cd7b.html

www.osvdb.org/28590

www.phenoelit.de/stuff/CiscoGRE.txt

www.securityfocus.com/archive/1/445322/100/0/threaded

www.securityfocus.com/bid/19878

www.vupen.com/english/advisories/2006/3502

exchange.xforce.ibmcloud.com/vulnerabilities/28786

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5713

7.2 High

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.093 Low

EPSS

Percentile

94.6%

JSON

Related for CVE-2006-4650

nessus1