Vulnerability-Lookup

CVE-2002-2208 (GCVE-0-2002-2208)

Vulnerability from cvelistv5 – Published: 2005-12-21 01:00 – Updated: 2024-08-08 03:51

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.osvdb.org/18055	vdb-entryx_refsource_OSVDB
	http://www.securityfocus.com/archive/1/304044	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/6443	vdb-entryx_refsource_BID
	http://www.cisco.com/en/US/tech/tk365/technologie…	vendor-advisoryx_refsource_CISCO
	http://secunia.com/advisories/7766	third-party-advisoryx_refsource_SECUNIA
	http://securitytracker.com/id?1005840	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/archive/1/304034	mailing-listx_refsource_BUGTRAQ
	http://www.cisco.com/warp/public/707/eigrp_issue.pdf	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/419898/100…	mailing-listx_refsource_BUGTRAQ
	http://lists.grok.org.uk/pipermail/full-disclosur…	mailing-listx_refsource_FULLDISC
	http://marc.info/?l=full-disclosure&m=11350445152…	mailing-listx_refsource_FULLDISC
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:51:17.690Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "18055",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/18055"
          },
          {
            "name": "20021219 Re: Cisco IOS EIGRP Network DoS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/304044"
          },
          {
            "name": "6443",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/6443"
          },
          {
            "name": "20021220 Cisco\u0027s Response to the EIGRP Issue",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html"
          },
          {
            "name": "7766",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/7766"
          },
          {
            "name": "1005840",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1005840"
          },
          {
            "name": "20021219 Cisco IOS EIGRP Network DoS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/304034"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/eigrp_issue.pdf"
          },
          {
            "name": "20051220 Re: Unauthenticated EIGRP DoS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/419898/100/0/threaded"
          },
          {
            "name": "20051219 Unauthenticated EIGRP DoS",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html"
          },
          {
            "name": "20051220 RE: Authenticated EIGRP DoS / Information leak",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=full-disclosure\u0026m=113504451523186\u0026w=2"
          },
          {
            "name": "cisco-ios-eigrp-dos(10903)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10903"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-12-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "18055",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/18055"
        },
        {
          "name": "20021219 Re: Cisco IOS EIGRP Network DoS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/304044"
        },
        {
          "name": "6443",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/6443"
        },
        {
          "name": "20021220 Cisco\u0027s Response to the EIGRP Issue",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html"
        },
        {
          "name": "7766",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/7766"
        },
        {
          "name": "1005840",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1005840"
        },
        {
          "name": "20021219 Cisco IOS EIGRP Network DoS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/304034"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cisco.com/warp/public/707/eigrp_issue.pdf"
        },
        {
          "name": "20051220 Re: Unauthenticated EIGRP DoS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/419898/100/0/threaded"
        },
        {
          "name": "20051219 Unauthenticated EIGRP DoS",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html"
        },
        {
          "name": "20051220 RE: Authenticated EIGRP DoS / Information leak",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://marc.info/?l=full-disclosure\u0026m=113504451523186\u0026w=2"
        },
        {
          "name": "cisco-ios-eigrp-dos(10903)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10903"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-2208",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "18055",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/18055"
            },
            {
              "name": "20021219 Re: Cisco IOS EIGRP Network DoS",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/304044"
            },
            {
              "name": "6443",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/6443"
            },
            {
              "name": "20021220 Cisco\u0027s Response to the EIGRP Issue",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html"
            },
            {
              "name": "7766",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/7766"
            },
            {
              "name": "1005840",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1005840"
            },
            {
              "name": "20021219 Cisco IOS EIGRP Network DoS",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/304034"
            },
            {
              "name": "http://www.cisco.com/warp/public/707/eigrp_issue.pdf",
              "refsource": "CONFIRM",
              "url": "http://www.cisco.com/warp/public/707/eigrp_issue.pdf"
            },
            {
              "name": "20051220 Re: Unauthenticated EIGRP DoS",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/419898/100/0/threaded"
            },
            {
              "name": "20051219 Unauthenticated EIGRP DoS",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html"
            },
            {
              "name": "20051220 RE: Authenticated EIGRP DoS / Information leak",
              "refsource": "FULLDISC",
              "url": "http://marc.info/?l=full-disclosure\u0026m=113504451523186\u0026w=2"
            },
            {
              "name": "cisco-ios-eigrp-dos(10903)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10903"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-2208",
    "datePublished": "2005-12-21T01:00:00",
    "dateReserved": "2005-12-21T00:00:00",
    "dateUpdated": "2024-08-08T03:51:17.690Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2002-2208\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2002-12-31T05:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:extended_interior_gateway_routing_protocol:extended_interior_gateway_routing_protocol:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77E7830C-3505-41C5-B073-D2F73261CE17\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33CCFFC6-9D26-4C39-AF76-0B8FCDE743CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F86F790-6247-42F2-9487-3D60A2842F52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F2F9EC5-EDA2-4C99-BBF1-2F2C92AACE95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4BC49F2-3DCB-45F0-9030-13F6415EE178\"}]}]}],\"references\":[{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://marc.info/?l=full-disclosure\u0026m=113504451523186\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/7766\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1005840\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.cisco.com/warp/public/707/eigrp_issue.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/18055\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/304034\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/304044\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/archive/1/419898/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/6443\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/10903\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://marc.info/?l=full-disclosure\u0026m=113504451523186\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/7766\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1005840\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.cisco.com/warp/public/707/eigrp_issue.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/18055\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/304034\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/304044\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/archive/1/419898/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/6443\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/10903\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2002-2208

Vulnerability from fkie_nvd - Published: 2002-12-31 05:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html	Exploit
cve@mitre.org	http://marc.info/?l=full-disclosure&m=113504451523186&w=2
cve@mitre.org	http://secunia.com/advisories/7766	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1005840
cve@mitre.org	http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html	Patch
cve@mitre.org	http://www.cisco.com/warp/public/707/eigrp_issue.pdf	Vendor Advisory
cve@mitre.org	http://www.osvdb.org/18055
cve@mitre.org	http://www.securityfocus.com/archive/1/304034	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/304044	Patch
cve@mitre.org	http://www.securityfocus.com/archive/1/419898/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/6443
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/10903
af854a3a-2127-422b-91ae-364da2661108	http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=full-disclosure&m=113504451523186&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/7766	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1005840
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/eigrp_issue.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/18055
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/304034	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/304044	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/419898/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/6443
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/10903

Impacted products

Vendor	Product	Version
extended_interior_gateway_routing_protocol	extended_interior_gateway_routing_protocol	1.2
cisco	ios	11.3
cisco	ios	12.0
cisco	ios	12.1
cisco	ios	12.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:extended_interior_gateway_routing_protocol:extended_interior_gateway_routing_protocol:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E7830C-3505-41C5-B073-D2F73261CE17",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "33CCFFC6-9D26-4C39-AF76-0B8FCDE743CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F86F790-6247-42F2-9487-3D60A2842F52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F2F9EC5-EDA2-4C99-BBF1-2F2C92AACE95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network."
    }
  ],
  "id": "CVE-2002-2208",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=full-disclosure\u0026m=113504451523186\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/7766"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1005840"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/eigrp_issue.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/18055"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/304034"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/archive/1/304044"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/419898/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/6443"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10903"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=full-disclosure\u0026m=113504451523186\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/7766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1005840"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/eigrp_issue.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/18055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/304034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/archive/1/304044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/419898/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/6443"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10903"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2002-2208

Vulnerability from gsd - Updated: 2023-12-13 01:24

Details

Aliases

CVE-2002-2208

Aliases

CVE-2002-2208

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2002-2208",
    "description": "Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.",
    "id": "GSD-2002-2208"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2002-2208"
      ],
      "details": "Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.",
      "id": "GSD-2002-2208",
      "modified": "2023-12-13T01:24:08.909092Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2002-2208",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "18055",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/18055"
          },
          {
            "name": "20021219 Re: Cisco IOS EIGRP Network DoS",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/304044"
          },
          {
            "name": "6443",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/6443"
          },
          {
            "name": "20021220 Cisco\u0027s Response to the EIGRP Issue",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html"
          },
          {
            "name": "7766",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/7766"
          },
          {
            "name": "1005840",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1005840"
          },
          {
            "name": "20021219 Cisco IOS EIGRP Network DoS",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/304034"
          },
          {
            "name": "http://www.cisco.com/warp/public/707/eigrp_issue.pdf",
            "refsource": "CONFIRM",
            "url": "http://www.cisco.com/warp/public/707/eigrp_issue.pdf"
          },
          {
            "name": "20051220 Re: Unauthenticated EIGRP DoS",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/419898/100/0/threaded"
          },
          {
            "name": "20051219 Unauthenticated EIGRP DoS",
            "refsource": "FULLDISC",
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html"
          },
          {
            "name": "20051220 RE: Authenticated EIGRP DoS / Information leak",
            "refsource": "FULLDISC",
            "url": "http://marc.info/?l=full-disclosure\u0026m=113504451523186\u0026w=2"
          },
          {
            "name": "cisco-ios-eigrp-dos(10903)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10903"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:extended_interior_gateway_routing_protocol:extended_interior_gateway_routing_protocol:1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-2208"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20021219 Cisco IOS EIGRP Network DoS",
              "refsource": "BUGTRAQ",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.securityfocus.com/archive/1/304034"
            },
            {
              "name": "20021219 Re: Cisco IOS EIGRP Network DoS",
              "refsource": "BUGTRAQ",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/archive/1/304044"
            },
            {
              "name": "20021220 Cisco\u0027s Response to the EIGRP Issue",
              "refsource": "CISCO",
              "tags": [
                "Patch"
              ],
              "url": "http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html"
            },
            {
              "name": "20051219 Unauthenticated EIGRP DoS",
              "refsource": "FULLDISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html"
            },
            {
              "name": "http://www.cisco.com/warp/public/707/eigrp_issue.pdf",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.cisco.com/warp/public/707/eigrp_issue.pdf"
            },
            {
              "name": "6443",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/6443"
            },
            {
              "name": "18055",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/18055"
            },
            {
              "name": "1005840",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1005840"
            },
            {
              "name": "7766",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/7766"
            },
            {
              "name": "20051220 RE: Authenticated EIGRP DoS / Information leak",
              "refsource": "FULLDISC",
              "tags": [],
              "url": "http://marc.info/?l=full-disclosure\u0026m=113504451523186\u0026w=2"
            },
            {
              "name": "cisco-ios-eigrp-dos(10903)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10903"
            },
            {
              "name": "20051220 Re: Unauthenticated EIGRP DoS",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/419898/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-19T15:29Z",
      "publishedDate": "2002-12-31T05:00Z"
    }
  }
}

GHSA-PGF7-J693-6P7W

Vulnerability from github – Published: 2022-04-30 18:22 – Updated: 2022-04-30 18:22

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2002-2208"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2002-12-31T05:00:00Z",
    "severity": "HIGH"
  },
  "details": "Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.",
  "id": "GHSA-pgf7-j693-6p7w",
  "modified": "2022-04-30T18:22:44Z",
  "published": "2022-04-30T18:22:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-2208"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10903"
    },
    {
      "type": "WEB",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=full-disclosure\u0026m=113504451523186\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/7766"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1005840"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/warp/public/707/eigrp_issue.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/18055"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/304034"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/304044"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/419898/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/6443"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-200212-0835

Vulnerability from variot - Updated: 2025-04-03 22:11

Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network. Internet Operating System (IOS) is the firmware developed and maintained by Cisco for Cisco Routers. A system sending spoofed EIGRP announcements may cause a denial of service to all routers and systems on a given network segment. Due to improper limits in the attempt to discover routers, a neighbor announcement received by routers on a given network segment will result in an address resolution protocol (ARP) storm, filling network capacity while routers attempt to contact the announcing neighbor. Additionally, resources on the router such as CPU will also become bound while the router attempts to reach the announcing neighbor. It should be noted that it is also possible to exploit this vulnerability on systems that accept EIGRP announcements via unicast. Remote attackers can use this vulnerability to carry out denial of service attacks on routers and consume all bandwidth. EIGRP uses automatic discovery of neighbor routers for route discovery. An EIGRP router announces its existence by multicasting on enabled interfaces. If two routers discover each other, they will exchange current topology information, and both sides also need to obtain the MAC address of the other router. When using a random source IP address to generate an EIGRP neighbor advertisement, and perform a \'\'flood\'\' attack on the router or the entire network, all receiving CISCO routers will try to contact the sender, and the sender's IP address must be in the current router configuration in the subnet. There is a loophole in CISCO IOS. When contacting the sender, it will continue to request to send the MAC address. There is no timeout operation in this process, unless the EIGRP neighbor keeping time expires. This value is provided by the sender and can exceed 18 hours at most. Multiple neighbor advertisements using non-existent source IP addresses can cause the router to consume a large amount of CPU utilization and consume a large amount of bandwidth, resulting in a denial of service attack. Using IP multicast and EIGRP announcements will have a better attack effect. CISCO IOS versions lower than 12.0 can receive EIGRP Neighbor Advertisement in unicast mode, resulting in the possibility of attacks through the Internet. Arhont Ltd.- Information Security

Arhont Advisory by: Arhont Ltd Advisory: Unauthenticated EIGRP DoS Class: design bug Version: EIGRP version 1.2 Model Specific: Other versions might have the same bug

DETAILS:

We have used our custom EIGRP packet generator written on Perl to evaluate the security of the EIGRP routing protocol.

In the initial generator testing stage we have successfully reproduced the known DoS against EIGRP discovered by FX and described at http://www.securityfocus.com/bid/6443. This attack is canned in the generator using the --hellodos flag. The testing network was completely brought down due to the ARP storm.

Moving further, we have discovered a novel selective single peer - directed DoS attack employing the EIGRP "Goodbye Message". A goodbye message is sent when an EIGRP routing process is shutting down to tell the neighbors about the impending topology change to speed up the convergence. This feature is supported in Cisco IOS Releases later than 12.3(2), 12.3(3)B, and 12.3(2)T. A spoofed "goodbye message" can be sent to a peer claiming that it's neighbor is down, thus breaking the neighborhood:

arhontus #/eigrp.pl --ipgoodbye 192.168.66.202 --as 65534 --source 192.168.66.191 469573: Aug 16 2005 03:08:11.773 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 65534: Neighbor 192.168.66.111 (Ethernet0/0) is up: new adjacency c2611#sh ip eigrp neigh IP-EIGRP neighbors for process 65534 H Address Interface Hold Uptime SRTT RTO Q Seq (sec)
(ms) Cnt Num 2 192.168.66.111 Et0/0 13 00:01:08 1 5000
1 0 0 192.168.30.191 Se0/0 12 00:05:06 1 4500
0 198 1 192.168.66.191 Et0/0 13 00:05:14 201 1206
0 199

469574: Aug 16 2005 03:09:31.299 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 65534: Neighbor 192.168.66.111 (Ethernet0/0) is down: retry limit exceeded c2611# 469575: Aug 16 2005 03:09:32.818 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 65534: Neighbor 192.168.66.111 (Ethernet0/0) is up: new adjacency c2611# 469576: Aug 16 2005 03:09:56.277 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 65534: Neighbor 192.168.66.191 (Ethernet0/0) is down: Peer goodbye received c2611# 469577: Aug 16 2005 03:09:59.283 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 65534: Neighbor 192.168.66.191 (Ethernet0/0) is down: Peer goodbye received 469578: Aug 16 2005 03:09:59.868 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 65534: Neighbor 192.168.66.191 (Ethernet0/0) is up: new adjacency c2611# 469579: Aug 16 2005 03:10:02.288 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 65534: Neighbor 192.168.66.191 (Ethernet0/0) is down: Peer goodbye received c2611# 469580: Aug 16 2005 03:10:04.676 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 65534: Neighbor 192.168.66.191 (Ethernet0/0) is up: new adjacency 469581: Aug 16 2005 03:10:05.289 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 65534: Neighbor 192.168.66.191 (Ethernet0/0) is down: Peer goodbye received c2611# 469582: Aug 16 2005 03:10:08.290 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 65534: Neighbor 192.168.66.191 (Ethernet0/0) is down: Peer goodbye received

c2611#sh ip eigrp neigh IP-EIGRP neighbors for process 65534 H Address Interface Hold Uptime SRTT RTO Q Seq

(sec) (ms) Cnt Num 0 192.168.30.191 Se0/0 14 00:09:50 1 4500
0 286

This selective nighborhood breaking can be used for other purposes, than DoS. Re-initiating the EIGRP handshake helps a sniffing attacker to find information about the EIGRP routing domain topology. Possessing such information, a skilled attacker can selectively break the neighborhood to redirect traffic the way he wants.

Of course, on an unportected EIGRP domain there is a much simpler way of traffic redirection, which is either directly injecting the routes using our packet generator or establishing a fake neighbourhood and supplying metric parameters to the legitimate peers, which would lead DUAL to favor the fake neighbor.

Risk Factor: Medium

Workarounds: Always use EIGRP MD5-based authentication.

Communication History: sent to PSIRT on 10/10/05

*According to the Arhont Ltd. policy, all of the found vulnerabilities and security issues will be reported to the manufacturer at least 7 days before releasing them to the public domains (such as CERT and BUGTRAQ).

If you would like to get more information about this issue, please do not hesitate to contact Arhont team.*

Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200212-0835",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "11.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "12.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "12.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "12.0"
      },
      {
        "model": "extended interior gateway routing protocol",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "extended interior gateway routing protocol",
        "version": "1.2"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "6443"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-280"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-2208"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "FX fx@phenoelit.de\u203bPaul Oxman\u203b poxman@cisco.com\u203bAndrew A. Vladimirov\u203b mlists@arhont.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-280"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2002-2208",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2002-2208",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-6591",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2002-2208",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200212-280",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-6591",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-6591"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-280"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-2208"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network. Internet Operating System (IOS) is the firmware developed and maintained by Cisco for Cisco Routers. \nA system sending spoofed EIGRP announcements may cause a denial of service to all routers and systems on a given network segment.  Due to improper limits in the attempt to discover routers, a neighbor announcement received by routers on a given network segment will result in an address resolution protocol (ARP) storm, filling network capacity while routers attempt to contact the announcing neighbor.  Additionally, resources on the router such as CPU will also become bound while the router attempts to reach the announcing neighbor.  It should be noted that it is also possible to exploit this vulnerability on systems that accept EIGRP announcements via unicast. Remote attackers can use this vulnerability to carry out denial of service attacks on routers and consume all bandwidth. EIGRP uses automatic discovery of neighbor routers for route discovery. An EIGRP router announces its existence by multicasting on enabled interfaces. If two routers discover each other, they will exchange current topology information, and both sides also need to obtain the MAC address of the other router. When using a random source IP address to generate an EIGRP neighbor advertisement, and perform a \\\u0027\\\u0027flood\\\u0027\\\u0027 attack on the router or the entire network, all receiving CISCO routers will try to contact the sender, and the sender\u0027s IP address must be in the current router configuration in the subnet. There is a loophole in CISCO IOS. When contacting the sender, it will continue to request to send the MAC address. There is no timeout operation in this process, unless the EIGRP neighbor keeping time expires. This value is provided by the sender and can exceed 18 hours at most. Multiple neighbor advertisements using non-existent source IP addresses can cause the router to consume a large amount of CPU utilization and consume a large amount of bandwidth, resulting in a denial of service attack. Using IP multicast and EIGRP announcements will have a better attack effect. CISCO IOS versions lower than 12.0 can receive EIGRP Neighbor Advertisement in unicast mode, resulting in the possibility of attacks through the Internet. Arhont Ltd.- Information Security\n\nArhont Advisory by:    Arhont Ltd\nAdvisory:               Unauthenticated EIGRP DoS\nClass:            design bug\nVersion:        EIGRP version 1.2\nModel Specific:         Other versions might have the same bug\n\nDETAILS:\n\nWe have used our custom EIGRP packet generator written on Perl to \nevaluate the security of the EIGRP routing protocol. \n\nIn the initial generator testing stage we have successfully reproduced \nthe known DoS against EIGRP discovered by FX and described\nat http://www.securityfocus.com/bid/6443. This attack is canned in the \ngenerator using the --hellodos flag. The testing network was\ncompletely brought down due to the ARP storm. \n\nMoving further, we have discovered a novel selective single peer - \ndirected DoS attack employing the EIGRP \"Goodbye Message\". A goodbye\nmessage is sent when an EIGRP routing process is shutting down to tell \nthe neighbors about the impending topology change to speed up the\nconvergence. This feature is supported in Cisco IOS Releases later than \n12.3(2), 12.3(3)B, and 12.3(2)T. A spoofed \"goodbye message\" can\nbe sent to a peer claiming that it\u0027s neighbor is down, thus breaking the \nneighborhood:\n\narhontus #/eigrp.pl --ipgoodbye 192.168.66.202 --as 65534 --source \n192.168.66.191\n469573: Aug 16 2005 03:08:11.773 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) \n65534: Neighbor 192.168.66.111 (Ethernet0/0) is up: new adjacency\nc2611#sh ip eigrp neigh\nIP-EIGRP neighbors for process 65534\nH   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq\n                                            (sec)         \n(ms)                                Cnt Num\n2   192.168.66.111          Et0/0       13 00:01:08        1       5000  \n1    0\n0   192.168.30.191          Se0/0      12 00:05:06        1       4500  \n0  198\n1   192.168.66.191          Et0/0       13 00:05:14      201     1206  \n0  199\n\n469574: Aug 16 2005 03:09:31.299 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) \n65534: Neighbor 192.168.66.111 (Ethernet0/0) is down: retry limit exceeded\nc2611#\n469575: Aug 16 2005 03:09:32.818 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) \n65534: Neighbor 192.168.66.111 (Ethernet0/0) is up: new adjacency\nc2611#\n469576: Aug 16 2005 03:09:56.277 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) \n65534: Neighbor 192.168.66.191 (Ethernet0/0) is down: Peer goodbye received\nc2611#\n469577: Aug 16 2005 03:09:59.283 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) \n65534: Neighbor 192.168.66.191 (Ethernet0/0) is down: Peer goodbye received\n469578: Aug 16 2005 03:09:59.868 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) \n65534: Neighbor 192.168.66.191 (Ethernet0/0) is up: new adjacency\nc2611#\n469579: Aug 16 2005 03:10:02.288 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) \n65534: Neighbor 192.168.66.191 (Ethernet0/0) is down: Peer goodbye received\nc2611#\n469580: Aug 16 2005 03:10:04.676 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) \n65534: Neighbor 192.168.66.191 (Ethernet0/0) is up: new adjacency\n469581: Aug 16 2005 03:10:05.289 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) \n65534: Neighbor 192.168.66.191 (Ethernet0/0) is down: Peer goodbye received\nc2611#\n469582: Aug 16 2005 03:10:08.290 GMT: %DUAL-5-NBRCHANGE: IP-EIGRP(0) \n65534: Neighbor 192.168.66.191 (Ethernet0/0) is down: Peer goodbye received\n\nc2611#sh ip eigrp neigh\nIP-EIGRP neighbors for process 65534\nH   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq\n                                                             \n(sec)           (ms)            Cnt Num\n0   192.168.30.191          Se0/0       14 00:09:50       1       4500  \n0   286\n\nThis selective nighborhood breaking can be used for other purposes, than \nDoS. Re-initiating the EIGRP handshake helps a sniffing attacker to find\ninformation about the EIGRP routing domain topology. Possessing such \ninformation, a skilled attacker can selectively break the neighborhood \nto redirect\ntraffic the way he wants. \n\nOf course, on an unportected EIGRP domain there is a much simpler way of \ntraffic redirection, which is either directly injecting the routes using \nour\npacket generator or establishing a fake neighbourhood and supplying \nmetric parameters to the legitimate peers, which would lead DUAL to \nfavor the fake\nneighbor. \n\nRisk Factor: Medium\n\nWorkarounds: Always use EIGRP MD5-based authentication. \n\nCommunication History: sent to PSIRT on 10/10/05\n\n*According to the Arhont Ltd. policy, all of the found vulnerabilities \nand security issues will be reported to the manufacturer at least 7 days \nbefore\nreleasing them to the public domains (such as CERT and BUGTRAQ). \n\nIf you would like to get more information about this issue, please do \nnot hesitate to contact Arhont team.*\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2002-2208"
      },
      {
        "db": "BID",
        "id": "6443"
      },
      {
        "db": "VULHUB",
        "id": "VHN-6591"
      },
      {
        "db": "PACKETSTORM",
        "id": "42576"
      }
    ],
    "trust": 1.35
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "6443",
        "trust": 2.1
      },
      {
        "db": "SECUNIA",
        "id": "7766",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "18055",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1005840",
        "trust": 1.7
      },
      {
        "db": "NVD",
        "id": "CVE-2002-2208",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-280",
        "trust": 0.7
      },
      {
        "db": "FULLDISC",
        "id": "20051220 RE: AUTHENTICATED EIGRP DOS / INFORMATION LEAK",
        "trust": 0.6
      },
      {
        "db": "FULLDISC",
        "id": "20051219 UNAUTHENTICATED EIGRP DOS",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "4066",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "10903",
        "trust": 0.6
      },
      {
        "db": "CISCO",
        "id": "20021220 CISCO\u0027S RESPONSE TO THE EIGRP ISSUE",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20021219 RE: CISCO IOS EIGRP NETWORK DOS",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20051220 RE: UNAUTHENTICATED EIGRP DOS",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20021219 CISCO IOS EIGRP NETWORK DOS",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-6591",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "42576",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-6591"
      },
      {
        "db": "BID",
        "id": "6443"
      },
      {
        "db": "PACKETSTORM",
        "id": "42576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-280"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-2208"
      }
    ]
  },
  "id": "VAR-200212-0835",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-6591"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-03T22:11:19.365000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2002-2208"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/6443"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/archive/1/304034"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/archive/1/304044"
      },
      {
        "trust": 1.7,
        "url": "http://www.cisco.com/en/us/tech/tk365/technologies_security_notice09186a008011c5e1.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.cisco.com/warp/public/707/eigrp_issue.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-december/040330.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/18055"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1005840"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/7766"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/419898/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10903"
      },
      {
        "trust": 1.0,
        "url": "http://marc.info/?l=full-disclosure\u0026m=113504451523186\u0026w=2"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/10903"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/419898/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://marc.theaimsgroup.com/?l=full-disclosure\u0026m=113504451523186\u0026w=2"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/4066"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/419830"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/304034"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/304044"
      },
      {
        "trust": 0.1,
        "url": "http://marc.info/?l=full-disclosure\u0026amp;m=113504451523186\u0026amp;w=2"
      },
      {
        "trust": 0.1,
        "url": "http://www.securityfocus.com/bid/6443."
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-6591"
      },
      {
        "db": "BID",
        "id": "6443"
      },
      {
        "db": "PACKETSTORM",
        "id": "42576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-280"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-2208"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-6591"
      },
      {
        "db": "BID",
        "id": "6443"
      },
      {
        "db": "PACKETSTORM",
        "id": "42576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-280"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-2208"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2002-12-31T00:00:00",
        "db": "VULHUB",
        "id": "VHN-6591"
      },
      {
        "date": "2002-12-19T00:00:00",
        "db": "BID",
        "id": "6443"
      },
      {
        "date": "2005-12-28T04:59:14",
        "db": "PACKETSTORM",
        "id": "42576"
      },
      {
        "date": "2002-12-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200212-280"
      },
      {
        "date": "2002-12-31T05:00:00",
        "db": "NVD",
        "id": "CVE-2002-2208"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-6591"
      },
      {
        "date": "2002-12-19T00:00:00",
        "db": "BID",
        "id": "6443"
      },
      {
        "date": "2006-05-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200212-280"
      },
      {
        "date": "2025-04-03T01:03:51.193000",
        "db": "NVD",
        "id": "CVE-2002-2208"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-280"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS EIGRP notice ARP Denial of service attack vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-280"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Design Error",
    "sources": [
      {
        "db": "BID",
        "id": "6443"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200212-280"
      }
    ],
    "trust": 0.9
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2002-2208 (GCVE-0-2002-2208)

FKIE_CVE-2002-2208

GSD-2002-2208

GHSA-PGF7-J693-6P7W

VAR-200212-0835

Tags

Sightings

Nomenclature