cvelistv5 - cve-2006-4775

cve-2006-4775

Vulnerability from cvelistv5

Published

2006-09-14 00:00

Modified

2024-08-07 19:23

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/21896	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/21902	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1016843
cve@mitre.org	http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml	Patch
cve@mitre.org	http://www.kb.cert.org/vuls/id/175148	US Government Resource
cve@mitre.org	http://www.osvdb.org/28776
cve@mitre.org	http://www.phenoelit.de/stuff/CiscoVTP.txt
cve@mitre.org	http://www.securityfocus.com/archive/1/445896/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/445938/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/19998
cve@mitre.org	http://www.vupen.com/english/advisories/2006/3600	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/28925
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21896	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21902	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016843
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/175148	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/28776
af854a3a-2127-422b-91ae-364da2661108	http://www.phenoelit.de/stuff/CiscoVTP.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/445896/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/445938/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/19998
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3600	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/28925

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:23:40.975Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.phenoelit.de/stuff/CiscoVTP.txt"
          },
          {
            "name": "21896",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21896"
          },
          {
            "name": "19998",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19998"
          },
          {
            "name": "28776",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/28776"
          },
          {
            "name": "20060913 Cisco VLAN Trunking Protocol Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"
          },
          {
            "name": "1016843",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016843"
          },
          {
            "name": "20060913 Re: Cisco IOS VTP issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/445938/100/0/threaded"
          },
          {
            "name": "ADV-2006-3600",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3600"
          },
          {
            "name": "cisco-ios-vtp-wrap-config-manipulation(28925)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28925"
          },
          {
            "name": "VU#175148",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/175148"
          },
          {
            "name": "20060913 Cisco IOS VTP issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/445896/100/0/threaded"
          },
          {
            "name": "21902",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21902"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-09-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.phenoelit.de/stuff/CiscoVTP.txt"
        },
        {
          "name": "21896",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21896"
        },
        {
          "name": "19998",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19998"
        },
        {
          "name": "28776",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/28776"
        },
        {
          "name": "20060913 Cisco VLAN Trunking Protocol Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"
        },
        {
          "name": "1016843",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016843"
        },
        {
          "name": "20060913 Re: Cisco IOS VTP issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/445938/100/0/threaded"
        },
        {
          "name": "ADV-2006-3600",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3600"
        },
        {
          "name": "cisco-ios-vtp-wrap-config-manipulation(28925)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28925"
        },
        {
          "name": "VU#175148",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/175148"
        },
        {
          "name": "20060913 Cisco IOS VTP issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/445896/100/0/threaded"
        },
        {
          "name": "21902",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21902"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4775",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.phenoelit.de/stuff/CiscoVTP.txt",
              "refsource": "MISC",
              "url": "http://www.phenoelit.de/stuff/CiscoVTP.txt"
            },
            {
              "name": "21896",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21896"
            },
            {
              "name": "19998",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/19998"
            },
            {
              "name": "28776",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/28776"
            },
            {
              "name": "20060913 Cisco VLAN Trunking Protocol Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"
            },
            {
              "name": "1016843",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016843"
            },
            {
              "name": "20060913 Re: Cisco IOS VTP issues",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/445938/100/0/threaded"
            },
            {
              "name": "ADV-2006-3600",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/3600"
            },
            {
              "name": "cisco-ios-vtp-wrap-config-manipulation(28925)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28925"
            },
            {
              "name": "VU#175148",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/175148"
            },
            {
              "name": "20060913 Cisco IOS VTP issues",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/445896/100/0/threaded"
            },
            {
              "name": "21902",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21902"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-4775",
    "datePublished": "2006-09-14T00:00:00",
    "dateReserved": "2006-09-13T00:00:00",
    "dateUpdated": "2024-08-07T19:23:40.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-4775\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-09-14T00:07:00.000\",\"lastModified\":\"2024-11-21T00:16:43.963\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context.\"},{\"lang\":\"es\",\"value\":\"El VLAN Trunking Protocol (VTP) caracter\u00edstico en Cisco IOS 12.1(19) y CatOS permite a un atacante remoto provocar una denegaci\u00f3n de servicio con el env\u00edo de una actualizaci\u00f3n de VTP con un valor de revisi\u00f3n de 0x7FFFFFFF, el cual se incrementa a 0x80000000 y es interpretado como un n\u00famero negativo en un contexto de se\u00f1ales.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.1\\\\(19\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4944AFEF-D002-4C86-958A-4EB753399FB5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catos:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE3424FF-8507-4C7A-8858-EA89931A74DB\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/21896\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/21902\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1016843\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/175148\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/28776\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.phenoelit.de/stuff/CiscoVTP.txt\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/445896/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/445938/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/19998\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3600\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/28925\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21896\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/21902\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1016843\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/175148\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/28776\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.phenoelit.de/stuff/CiscoVTP.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/445896/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/445938/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/19998\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3600\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/28925\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

gsd-2006-4775

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2006-4775

Aliases

CVE-2006-4775

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-4775",
    "description": "The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context.",
    "id": "GSD-2006-4775"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-4775"
      ],
      "details": "The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context.",
      "id": "GSD-2006-4775",
      "modified": "2023-12-13T01:19:51.312207Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-4775",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.phenoelit.de/stuff/CiscoVTP.txt",
            "refsource": "MISC",
            "url": "http://www.phenoelit.de/stuff/CiscoVTP.txt"
          },
          {
            "name": "21896",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21896"
          },
          {
            "name": "19998",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/19998"
          },
          {
            "name": "28776",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/28776"
          },
          {
            "name": "20060913 Cisco VLAN Trunking Protocol Vulnerabilities",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"
          },
          {
            "name": "1016843",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016843"
          },
          {
            "name": "20060913 Re: Cisco IOS VTP issues",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/445938/100/0/threaded"
          },
          {
            "name": "ADV-2006-3600",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/3600"
          },
          {
            "name": "cisco-ios-vtp-wrap-config-manipulation(28925)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28925"
          },
          {
            "name": "VU#175148",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/175148"
          },
          {
            "name": "20060913 Cisco IOS VTP issues",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/445896/100/0/threaded"
          },
          {
            "name": "21902",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21902"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.1\\(19\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:catos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4775"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20060913 Cisco VLAN Trunking Protocol Vulnerabilities",
              "refsource": "CISCO",
              "tags": [
                "Patch"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"
            },
            {
              "name": "19998",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/19998"
            },
            {
              "name": "21896",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/21896"
            },
            {
              "name": "21902",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/21902"
            },
            {
              "name": "http://www.phenoelit.de/stuff/CiscoVTP.txt",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.phenoelit.de/stuff/CiscoVTP.txt"
            },
            {
              "name": "1016843",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016843"
            },
            {
              "name": "VU#175148",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/175148"
            },
            {
              "name": "28776",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/28776"
            },
            {
              "name": "ADV-2006-3600",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3600"
            },
            {
              "name": "cisco-ios-vtp-wrap-config-manipulation(28925)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28925"
            },
            {
              "name": "20060913 Re: Cisco IOS VTP issues",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/445938/100/0/threaded"
            },
            {
              "name": "20060913 Cisco IOS VTP issues",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/445896/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-17T21:39Z",
      "publishedDate": "2006-09-14T00:07Z"
    }
  }
}

fkie_cve-2006-4775

Vulnerability from fkie_nvd

Published

2006-09-14 00:07

Modified

2024-11-21 00:16

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/21896	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/21902	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1016843
cve@mitre.org	http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml	Patch
cve@mitre.org	http://www.kb.cert.org/vuls/id/175148	US Government Resource
cve@mitre.org	http://www.osvdb.org/28776
cve@mitre.org	http://www.phenoelit.de/stuff/CiscoVTP.txt
cve@mitre.org	http://www.securityfocus.com/archive/1/445896/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/445938/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/19998
cve@mitre.org	http://www.vupen.com/english/advisories/2006/3600	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/28925
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21896	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21902	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016843
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/175148	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/28776
af854a3a-2127-422b-91ae-364da2661108	http://www.phenoelit.de/stuff/CiscoVTP.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/445896/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/445938/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/19998
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3600	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/28925

Impacted products

	Vendor	Product	Version
	cisco	ios	12.1\(19\)
	cisco	catos	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4944AFEF-D002-4C86-958A-4EB753399FB5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE3424FF-8507-4C7A-8858-EA89931A74DB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context."
    },
    {
      "lang": "es",
      "value": "El VLAN Trunking Protocol (VTP) caracter\u00edstico en Cisco IOS 12.1(19) y CatOS permite a un atacante remoto provocar una denegaci\u00f3n de servicio con el env\u00edo de una actualizaci\u00f3n de VTP con un valor de revisi\u00f3n de 0x7FFFFFFF, el cual se incrementa a 0x80000000 y es interpretado como un n\u00famero negativo en un contexto de se\u00f1ales."
    }
  ],
  "id": "CVE-2006-4775",
  "lastModified": "2024-11-21T00:16:43.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-09-14T00:07:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21896"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21902"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016843"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/175148"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/28776"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.phenoelit.de/stuff/CiscoVTP.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/445896/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/445938/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/19998"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3600"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28925"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21896"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016843"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/175148"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/28776"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.phenoelit.de/stuff/CiscoVTP.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/445896/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/445938/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/19998"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3600"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28925"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context. Cisco IOS fails to properly verify the VTP configuration revision number. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Cisco IOS Is VLAN Trunk protocol (VTP) There are several security issues in the implementation of: 1) VTP Included in packet VTP There is a flaw in the processing of the version field, so if an inappropriate value is set, the processing will go into a loop and the device will be reset. (CVE-2006-4774) If exploited by a remote attacker, the device could go into a denial of service. 2) Since there is a flaw that the setting revision number is processed as a negative integer, VLAN There is a problem that changes in configuration information are not properly reflected. (CVE-2006-4775) If exploited by a remote attacker, VLAN Changing the setting information may be hindered. 3) VLAN There is a flaw in checking the length of the name, 100 There is a problem where heap overflow occurs when processing names longer than letters. (CVE-2006-4776) If exploited by a remote attacker, the device could go into a denial of service or potentially execute arbitrary code.Please refer to the “Overview” for the impact of this vulnerability. Cisco IOS is prone to multiple vulnerabilities when handling VLAN Trunking Protocol (VTP) packets. These issues include two denial-of-service vulnerabilities and a buffer-overflow vulnerability. Attackers require access to trunk ports on affected devices for VTP packets to be accepted. Attackers may reportedly use the Dynamic Trunk Protocol (DTP) to become a trunking peer to gain required access. By exploiting these issues, attackers may crash affected routers, cause further VTP packets to be ignored, or potentially execute arbitrary machine code in the context of affected devices. Cisco IOS 12.1(19) is vulnerable to these issues; other versions are also likely affected. 2 VTP Modified Version Integer Wrapping If an attacker can send VTP updates (digest and sub) to a Cisco IOS or CatOS device, he can choose the modified version number of the VTP message himself. IOS will accept the version number 0x7FFFFFFF. Therefore, this revision number is treated as a large negative value. From this point on the switch cannot communicate with the changed VLAN configuration, as all other switches will reject the generated update, 3 VLAN name heap overflow If an attacker is able to send VTP updates to the Cisco IOS device, type 2 frames contain record of. One field of the VTP record contains the name of the VLAN, and the other field is the length of the name. If the updated VLAN name is larger than 100 bytes and the VLAN name length field is correct, it will cause a heap overflow and execute arbitrary code on the receiving switch.

Want to work within IT-Security?

Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit.

Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/

TITLE: Cisco IOS VTP Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA21896

VERIFY ADVISORY: http://secunia.com/advisories/21896/

CRITICAL: Moderately critical

IMPACT: Manipulation of data, DoS, System access

WHERE:

From local network

OPERATING SYSTEM: Cisco IOS 10.x http://secunia.com/product/184/ Cisco IOS 11.x http://secunia.com/product/183/ Cisco IOS 12.x http://secunia.com/product/182/ Cisco IOS R11.x http://secunia.com/product/53/ Cisco IOS R12.x http://secunia.com/product/50/

DESCRIPTION: FX has reported some vulnerabilities in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable network device. This can be exploited to reset the switch with a Software Forced Crash Exception by sending a specially crafted packet to a trunk enabled port.

2) An integer overflow error exists in the VTP configuration revision handling.

3) A boundary error exists in the processing of VTP summary advertisement messages. This can be exploited to cause a heap-based buffer overflow by sending a specially crafted message containing an overly long VLAN name (more than 100 characters) to a trunk enabled port.

NOTE: The packets must be received with a matching domain name and a matching VTP domain password (if configured).

SOLUTION: A fix is reportedly available for vulnerability #1. The vendor also recommends applying a VTP domain password to the VTP domain (see the vendor's advisory for details).

PROVIDED AND/OR DISCOVERED BY: FX, Phenoelit.

ORIGINAL ADVISORY: Phenoelit: http://www.phenoelit.de/stuff/CiscoVTP.txt

Cisco: http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200609-0179",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": null,
        "scope": null,
        "trust": 1.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.1\\(19\\)"
      },
      {
        "model": "catos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "catos",
        "scope": null,
        "trust": 0.9,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "12.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "12.1(19)"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#542108"
      },
      {
        "db": "CERT/CC",
        "id": "VU#175148"
      },
      {
        "db": "BID",
        "id": "19998"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000552"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-238"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4775"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:cisco:ios",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000552"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "FX fx@phenoelit.de",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-238"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-4775",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2006-4775",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-20883",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2006-4775",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#542108",
            "trust": 0.8,
            "value": "22.74"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#175148",
            "trust": 0.8,
            "value": "3.37"
          },
          {
            "author": "NVD",
            "id": "CVE-2006-4775",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200609-238",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-20883",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#542108"
      },
      {
        "db": "CERT/CC",
        "id": "VU#175148"
      },
      {
        "db": "VULHUB",
        "id": "VHN-20883"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000552"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-238"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4775"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context. Cisco IOS fails to properly verify the VTP configuration revision number. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Cisco IOS Is VLAN Trunk protocol (VTP) There are several security issues in the implementation of: 1) VTP Included in packet VTP There is a flaw in the processing of the version field, so if an inappropriate value is set, the processing will go into a loop and the device will be reset. (CVE-2006-4774) If exploited by a remote attacker, the device could go into a denial of service. 2) Since there is a flaw that the setting revision number is processed as a negative integer, VLAN There is a problem that changes in configuration information are not properly reflected. (CVE-2006-4775) If exploited by a remote attacker, VLAN Changing the setting information may be hindered. 3) VLAN There is a flaw in checking the length of the name, 100 There is a problem where heap overflow occurs when processing names longer than letters. (CVE-2006-4776) If exploited by a remote attacker, the device could go into a denial of service or potentially execute arbitrary code.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Cisco IOS is prone to multiple vulnerabilities when handling VLAN Trunking Protocol (VTP) packets. \nThese issues include two denial-of-service vulnerabilities and a buffer-overflow vulnerability. \nAttackers require access to trunk ports on affected devices for VTP packets to be accepted. Attackers may reportedly use the Dynamic Trunk Protocol (DTP) to become a trunking peer to gain required access. \nBy exploiting these issues, attackers may crash affected routers, cause further VTP packets to be ignored, or potentially execute arbitrary machine code in the context of affected devices. \nCisco IOS 12.1(19) is vulnerable to these issues; other versions are also likely affected. 2 VTP Modified Version Integer Wrapping If an attacker can send VTP updates (digest and sub) to a Cisco IOS or CatOS device, he can choose the modified version number of the VTP message himself. IOS will accept the version number 0x7FFFFFFF. Therefore, this revision number is treated as a large negative value. From this point on the switch cannot communicate with the changed VLAN configuration, as all other switches will reject the generated update, 3 VLAN name heap overflow If an attacker is able to send VTP updates to the Cisco IOS device, type 2 frames contain record of. One field of the VTP record contains the name of the VLAN, and the other field is the length of the name. If the updated VLAN name is larger than 100 bytes and the VLAN name length field is correct, it will cause a heap overflow and execute arbitrary code on the receiving switch. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. \n\nCurrently the following type of positions are available:\nhttp://secunia.com/quality_assurance_analyst/\nhttp://secunia.com/web_application_security_specialist/ \nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco IOS VTP Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA21896\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/21896/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nManipulation of data, DoS, System access\n\nWHERE:\n\u003eFrom local network\n\nOPERATING SYSTEM:\nCisco IOS 10.x\nhttp://secunia.com/product/184/\nCisco IOS 11.x\nhttp://secunia.com/product/183/\nCisco IOS 12.x\nhttp://secunia.com/product/182/\nCisco IOS R11.x\nhttp://secunia.com/product/53/\nCisco IOS R12.x\nhttp://secunia.com/product/50/\n\nDESCRIPTION:\nFX has reported some vulnerabilities in Cisco IOS, which can be\nexploited by malicious people to cause a DoS (Denial of Service) and\npotentially to compromise a vulnerable network device. This can be exploited to reset the switch\nwith a Software Forced Crash Exception by sending a specially crafted\npacket to a trunk enabled port. \n\n2) An integer overflow error exists in the VTP configuration revision\nhandling. \n\n3) A boundary error exists in the processing of VTP summary\nadvertisement messages. This can be exploited to cause a heap-based\nbuffer overflow by sending a specially crafted message containing an\noverly long VLAN name (more than 100 characters) to a trunk enabled\nport. \n\nNOTE: The packets must be received with a matching domain name and a\nmatching VTP domain password (if configured). \n\nSOLUTION:\nA fix is reportedly available for vulnerability #1. The vendor also\nrecommends applying a VTP domain password to the VTP domain (see the\nvendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\nFX, Phenoelit. \n\nORIGINAL ADVISORY:\nPhenoelit:\nhttp://www.phenoelit.de/stuff/CiscoVTP.txt\n\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-4775"
      },
      {
        "db": "CERT/CC",
        "id": "VU#542108"
      },
      {
        "db": "CERT/CC",
        "id": "VU#175148"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000552"
      },
      {
        "db": "BID",
        "id": "19998"
      },
      {
        "db": "VULHUB",
        "id": "VHN-20883"
      },
      {
        "db": "PACKETSTORM",
        "id": "50047"
      },
      {
        "db": "PACKETSTORM",
        "id": "50048"
      }
    ],
    "trust": 3.6
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SECUNIA",
        "id": "21896",
        "trust": 3.4
      },
      {
        "db": "CERT/CC",
        "id": "VU#175148",
        "trust": 3.3
      },
      {
        "db": "BID",
        "id": "19998",
        "trust": 2.8
      },
      {
        "db": "SECUNIA",
        "id": "21902",
        "trust": 2.6
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4775",
        "trust": 2.5
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-3600",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "28776",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1016843",
        "trust": 1.7
      },
      {
        "db": "CERT/CC",
        "id": "VU#542108",
        "trust": 1.6
      },
      {
        "db": "CERT/CC",
        "id": "VU#821420",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000552",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-238",
        "trust": 0.7
      },
      {
        "db": "BUGTRAQ",
        "id": "20060913 RE: CISCO IOS VTP ISSUES",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20060913 CISCO IOS VTP ISSUES",
        "trust": 0.6
      },
      {
        "db": "CISCO",
        "id": "20060913 CISCO VLAN TRUNKING PROTOCOL VULNERABILITIES",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "28925",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-20883",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "50047",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "50048",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#542108"
      },
      {
        "db": "CERT/CC",
        "id": "VU#175148"
      },
      {
        "db": "VULHUB",
        "id": "VHN-20883"
      },
      {
        "db": "BID",
        "id": "19998"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000552"
      },
      {
        "db": "PACKETSTORM",
        "id": "50047"
      },
      {
        "db": "PACKETSTORM",
        "id": "50048"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-238"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4775"
      }
    ]
  },
  "id": "VAR-200609-0179",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-20883"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T21:49:30.045000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sr-20060913-vtp",
        "trust": 0.8,
        "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000552"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-399",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-20883"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4775"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.8,
        "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"
      },
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/19998"
      },
      {
        "trust": 2.5,
        "url": "http://www.kb.cert.org/vuls/id/175148"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/21896/"
      },
      {
        "trust": 1.8,
        "url": "http://www.phenoelit.de/stuff/ciscovtp.txt"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/28776"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1016843"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/21896"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/21902"
      },
      {
        "trust": 1.6,
        "url": "http://www.phenoelit.de/stuff/ciscovtp.txt "
      },
      {
        "trust": 1.6,
        "url": "http://www.cisco.com/en/us/netsol/ns340/ns394/ns171/ns128/networking_solutions_white_paper09186a008014870f.shtml#wp998892"
      },
      {
        "trust": 1.4,
        "url": "http://www.frsirt.com/english/advisories/2006/3600"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/445896/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/445938/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2006/3600"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28925"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/21902/"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4775"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-4775"
      },
      {
        "trust": 0.8,
        "url": "http://www.kb.cert.org/vuls/id/821420"
      },
      {
        "trust": 0.8,
        "url": "http://www.kb.cert.org/vuls/id/542108"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/445938/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/445896/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/28925"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/public/sw-center/sw-ios.shtml"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/445896"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/445938"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/quality_assurance_analyst/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/web_application_security_specialist/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/50/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/184/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/53/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/182/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/183/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/527/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3564/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/185/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/526/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#542108"
      },
      {
        "db": "CERT/CC",
        "id": "VU#175148"
      },
      {
        "db": "VULHUB",
        "id": "VHN-20883"
      },
      {
        "db": "BID",
        "id": "19998"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000552"
      },
      {
        "db": "PACKETSTORM",
        "id": "50047"
      },
      {
        "db": "PACKETSTORM",
        "id": "50048"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-238"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4775"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#542108"
      },
      {
        "db": "CERT/CC",
        "id": "VU#175148"
      },
      {
        "db": "VULHUB",
        "id": "VHN-20883"
      },
      {
        "db": "BID",
        "id": "19998"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-000552"
      },
      {
        "db": "PACKETSTORM",
        "id": "50047"
      },
      {
        "db": "PACKETSTORM",
        "id": "50048"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-238"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4775"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-09-27T00:00:00",
        "db": "CERT/CC",
        "id": "VU#542108"
      },
      {
        "date": "2006-09-27T00:00:00",
        "db": "CERT/CC",
        "id": "VU#175148"
      },
      {
        "date": "2006-09-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-20883"
      },
      {
        "date": "2006-09-13T00:00:00",
        "db": "BID",
        "id": "19998"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-000552"
      },
      {
        "date": "2006-09-14T22:28:53",
        "db": "PACKETSTORM",
        "id": "50047"
      },
      {
        "date": "2006-09-14T22:28:53",
        "db": "PACKETSTORM",
        "id": "50048"
      },
      {
        "date": "2006-09-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200609-238"
      },
      {
        "date": "2006-09-14T00:07:00",
        "db": "NVD",
        "id": "CVE-2006-4775"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-09-27T00:00:00",
        "db": "CERT/CC",
        "id": "VU#542108"
      },
      {
        "date": "2006-09-27T00:00:00",
        "db": "CERT/CC",
        "id": "VU#175148"
      },
      {
        "date": "2018-10-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-20883"
      },
      {
        "date": "2006-09-14T18:47:00",
        "db": "BID",
        "id": "19998"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-000552"
      },
      {
        "date": "2006-09-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200609-238"
      },
      {
        "date": "2024-11-21T00:16:43.963000",
        "db": "NVD",
        "id": "CVE-2006-4775"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-238"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS contains buffer overflow in VTP VLAN name handling",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#542108"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-238"
      }
    ],
    "trust": 0.6
  }
}

ghsa-w58x-5ghh-784p

Vulnerability from github

Published

2022-05-01 07:22

Modified

2022-05-01 07:22

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-4775"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-09-14T00:07:00Z",
    "severity": "HIGH"
  },
  "details": "The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context.",
  "id": "GHSA-w58x-5ghh-784p",
  "modified": "2022-05-01T07:22:02Z",
  "published": "2022-05-01T07:22:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4775"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28925"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21896"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21902"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016843"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/175148"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/28776"
    },
    {
      "type": "WEB",
      "url": "http://www.phenoelit.de/stuff/CiscoVTP.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/445896/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/445938/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/19998"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3600"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2006-4775

Vulnerability from cvelistv5

gsd-2006-4775

Vulnerability from gsd

fkie_cve-2006-4775

Vulnerability from fkie_nvd

var-200609-0179

Vulnerability from variot

ghsa-w58x-5ghh-784p

Vulnerability from github

Tags

Sightings

Nomenclature