Technical Description

Two vulnerabilities were identified in Cisco IOS, which could be exploited by attackers to gain knowledge of sensitive information or cause a denial of service.

The first issue is due to an error in the EIGRP (Enhanced Interior Gateway Routing Protocol) implementation that does not properly handle spoofed neighbor announcement with either mismatched "k" values or "Goodbye Message" TLV, which could result in routing neighbor relationships being torn down and reformed causing a denial of service condition.

The second flaw is due to an error when processing illegitimate "hello" packets in an EIGRP authenticated autonomous system (AS), which could be exploited by malicious users to cause a denial of service or obtain sensitive information about the EIGRP domain.

Affected Products

Cisco IOS 12.x
Cisco IOS 11.x
Cisco IOS 10.x
Cisco IOS R12.x
Cisco IOS R11.x

Solution

The vendor has provided workarounds :
http://www.cisco.com/warp/public/707/cisco-response-20051220-eigrp.shtml

References

http://www.vupen.com/english/advisories/2005/3008
http://www.cisco.com/warp/public/707/cisco-response-20051220-eigrp.shtml

Credits

Vulnerabilities reported by Konstantin V. Gavrilenko and Andrew A. Vladimirov

ChangeLog

2005-12-20 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.