Vulnerabilities > CVE-2005-4437 - Unspecified vulnerability in Extended Interior Gateway Routing Protocol Extended Interior Gateway Routing Protocol 1.2

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
extended-interior-gateway-routing-protocol
NVD
Published: 2005-12-21
Updated: 2018-10-19

Summary

MD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS 11.3 and later, does not include the Message Authentication Code (MAC) in the checksum, which allows remote attackers to sniff message hashes and (1) replay EIGRP HELLO messages or (2) cause a denial of service by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.

Vulnerable Configurations

Part Description Count
Application
Extended_Interior_Gateway_Routing_Protocol
1

Oval

accepted2008-09-08T04:00:41.335-04:00
classvulnerability
contributors
nameYuzheng Zhou
organizationHewlett-Packard
descriptionMD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS 11.3 and later, does not include the Message Authentication Code (MAC) in the checksum, which allows remote attackers to sniff message hashes and (1) replay EIGRP HELLO messages or (2) cause a denial of service by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.
familyios
idoval:org.mitre.oval:def:5741
statusaccepted
submitted2008-05-26T11:06:36.000-04:00
titleCisco "EIGRP" Protocol "HELLO" Packet Replay Vulnerability
version3

References