Computer Security


Cisco Catalyst switches VTP DoS
updated since 28.01.2007
Published: 30.01.2007
Source:
SecurityVulns ID: 7117
Type: remote
Threat Level: 5/10
Description: Switch crashes on malformed VTP (VLAN Trunking Protocol) Subset-Advert message.
CVE: CVE-2006-4776 (Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement.)
 CVE-2006-4775 (The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context.)
 CVE-2006-4774 (The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2.)
 CVE-2005-4826 (Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776.)
Original document: CISCO, Re: [Full-disclosure] S21sec-034-en: Cisco VTP DoS vulnerability (30.01.2007)
 labs_(at)_s21sec.com, S21sec-034-en: Cisco VTP DoS vulnerability (28.01.2007)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod