Vulnerabilities > CVE-2006-0354 - Resource Management Errors vulnerability in Cisco products

047910
CVSS 5.5 - MEDIUM
Attack vector
ADJACENT_NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
low complexity
cisco
CWE-399
exploit available

Summary

Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644.

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionCisco Aironet Wireless Access Points Memory Exhaustion ARP Attack DoS. CVE-2006-0354. Dos exploit for hardware platform
idEDB-ID:1447
last seen2016-01-31
modified2006-01-25
published2006-01-25
reporterPasv
sourcehttps://www.exploit-db.com/download/1447/
titleCisco Aironet Wireless Access Points Memory Exhaustion ARP Attack DoS

Oval

accepted2008-09-08T04:00:35.719-04:00
classvulnerability
contributors
nameYuzheng Zhou
organizationHewlett-Packard
descriptionCisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644.
familyios
idoval:org.mitre.oval:def:5680
statusaccepted
submitted2008-05-26T11:06:36.000-04:00
titleCisco Aironet Access Point ARP Memory Exhaustion DoS Vulnerability
version3