Cisco Spoofed EIGRP Packet Saturation DoS

2002-10-08T04:05:23
ID OSVDB:18055
Type osvdb
Reporter FX(fx@phenoelit.de)
Modified 2002-10-08T04:05:23

Description

Vulnerability Description

Cisco IOS contains a flaw that may allow a remote denial of service. The issue is triggered when a flood of spoofed EIGRP neighbor annoucements are sent, causing an ARP storm of address lookups, and will result in loss of availability for the network segment.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): implement MD5 authentication on the EIGRP neighbor announcements.

Short Description

Cisco IOS contains a flaw that may allow a remote denial of service. The issue is triggered when a flood of spoofed EIGRP neighbor annoucements are sent, causing an ARP storm of address lookups, and will result in loss of availability for the network segment.

References:

Vendor URL: http://www.cisco.com Vendor Specific Advisory URL Security Tracker: 1005840 Secunia Advisory ID:7766 Other Advisory URL: http://www.phenoelit.de/stuff/CiscoEIGRP.txt ISS X-Force ID: 10903 Generic Exploit URL: http://www.phenoelit.de/irpas/ CVE-2002-2208 Bugtraq ID: 6443