3 results (0.013 seconds)

CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 0

MD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS 11.3 and later, does not include the Message Authentication Code (MAC) in the checksum, which allows remote attackers to sniff message hashes and (1) replay EIGRP HELLO messages or (2) cause a denial of service by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040332.html http://marc.info/?l=full-disclosure&m=113504451523186&w=2 http://securityreason.com/securityalert/274 http://securitytracker.com/id?1015382 http://www.securityfocus.com/archive/1/419830/100/0/threaded http://www.securityfocus.com/archive/1/419898/100/0/threaded http://www.securityfocus.com/bid/15970 http://www.vupen.com/english/advisories/2005/3008 https://oval.cisecurity.org/repository/search/definition/ •

CVSS: 7.8EPSS: 4%CPEs: 1EXPL: 0

Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS after 12.3(2), 12.3(3)B, and 12.3(2)T and other products, allows remote attackers to cause a denial of service by sending a "spoofed neighbor announcement" with (1) mismatched k values or (2) "goodbye message" Type-Length-Value (TLV). • http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html http://marc.info/?l=full-disclosure&m=113504451523186&w=2 http://securitytracker.com/id?1015382 http://www.securityfocus.com/archive/1/419898/100/0/threaded http://www.securityfocus.com/bid/15978 http://www.vupen.com/english/advisories/2005/3008 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5454 •

CVSS: 7.8EPSS: 11%CPEs: 5EXPL: 1

Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html http://marc.info/?l=full-disclosure&m=113504451523186&w=2 http://secunia.com/advisories/7766 http://securitytracker.com/id?1005840 http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html http://www.cisco.com/warp/public/707/eigrp_issue.pdf http://www.osvdb.org/18055 http://www.securityfocus.com/archive/1/304034 http://www.securityfocus.com/archive/1/304044 http://w •