CVE-2006-4650
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
95.5%
Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers to inject crafted packets into the routing queue, possibly bypassing intended router ACLs.
Affected configurations
References
secunia.com/advisories/21783
securityreason.com/securityalert/1526
securitytracker.com/id?1016799
www.cisco.com/en/US/tech/tk827/tk369/tsd_technology_security_response09186a008072cd7b.html
www.osvdb.org/28590
www.phenoelit.de/stuff/CiscoGRE.txt
www.securityfocus.com/archive/1/445322/100/0/threaded
www.securityfocus.com/bid/19878
www.vupen.com/english/advisories/2006/3502
exchange.xforce.ibmcloud.com/vulnerabilities/28786
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5713
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
95.5%