certfr_avis - certa-2005-avi-506

CERTA-2005-AVI-506

Vulnerability from certfr_avis

None

Description

Deux vulnérabilités dans Cisco IOS, causées par une erreur dans le traitement des paquets EIGRP (Enhanced Interior Gateway Routing Protocol), permettent à un utilisateur mal intentionné de réaliser un déni de service à distance ou de porter atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité pour appliquer la solution proposée par l'éditeur (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	IOS	Cisco IOS 11.x ;
Cisco	IOS	Cisco IOS 12.x ;
Cisco	IOS	Cisco IOS 10.x ;
Cisco	IOS	Cisco IOS R12.x.
Cisco	IOS	Cisco IOS R11.x ;

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco ID 68459 du 20 décembre 2005

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco IOS 11.x ;",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS 12.x ;",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS 10.x ;",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS R12.x.",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS R11.x ;",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s dans Cisco IOS, caus\u00e9es par une erreur dans le\ntraitement des paquets EIGRP (Enhanced Interior Gateway Routing\nProtocol), permettent \u00e0 un utilisateur mal intentionn\u00e9 de r\u00e9aliser un\nd\u00e9ni de service \u00e0 distance ou de porter atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 pour appliquer la solution propos\u00e9e\npar l\u0027\u00e9diteur (cf. section Documentation).\n",
  "cves": [],
  "initial_release_date": "2005-12-28T00:00:00",
  "last_revision_date": "2005-12-28T00:00:00",
  "links": [],
  "reference": "CERTA-2005-AVI-506",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2005-12-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Cisco IOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco ID 68459 du 20 d\u00e9cembre 2005",
      "url": "http://www.cisco.com/warp/public/707/cisco-response-20051220-eigrp.shtml"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CERTA-2005-AVI-506

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature