FKIE_CVE-2001-0895

Vulnerability from fkie_nvd - Published: 2001-11-15 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Multiple Cisco networking products allow remote attackers to cause a denial of service on the local network via a series of ARP packets sent to the router's interface that contains a different MAC address for the router, which eventually causes the router to overwrite the MAC address in its ARP table.
References
cve@mitre.orghttp://www.cisco.com/warp/public/707/IOS-arp-overwrite-vuln-pub.shtmlPatch, Vendor Advisory
cve@mitre.orghttp://www.kb.cert.org/vuls/id/399355US Government Resource
cve@mitre.orghttp://www.osvdb.org/807
cve@mitre.orghttp://www.securityfocus.com/bid/3547
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/7547
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/warp/public/707/IOS-arp-overwrite-vuln-pub.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/399355US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/807
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/3547
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/7547
Impacted products
Vendor Product Version
cisco catalyst_2900xl *
cisco catalyst_2948g-l3 *
cisco catalyst_2950 *
cisco catalyst_3500xl *
cisco catalyst_3550 *
cisco catalyst_4000 *
cisco catalyst_4908g-l3 *
cisco catalyst_5000 *
cisco catalyst_6000 *
cisco catalyst_8500 *
cisco distributed_director *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_2900xl:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "608C95E6-75D1-4A04-83B4-F9785CD25F79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_2948g-l3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8BF525D-E813-4CB9-BE84-0B8283F2FACF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_2950:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B4DA944-5B98-4BFB-90E9-C2A1C7731ECF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3500xl:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9229CAAE-1582-43DE-B727-881D0E3ABB9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3550:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DA518E9-3A63-4997-AC3E-2FB0B8438B82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_4000:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "105544F7-F57E-4B22-921C-E5EEA82B5CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_4908g-l3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "83198D7C-C205-44AF-901F-6BD6D5C36244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_5000:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38E8BD58-5E55-4F07-B115-3BE78D7B2AD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6000:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B75201F-F007-4612-A3F0-ABC75C730F94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57BAA00D-994D-4F18-9858-7EAC3470FBC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:distributed_director:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61E4FE9-24E4-4360-B606-488CB1EB7278",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Cisco networking products allow remote attackers to cause a denial of service on the local network via a series of ARP packets sent to the router\u0027s interface that contains a different MAC address for the router, which eventually causes the router to overwrite the MAC address in its ARP table."
    }
  ],
  "id": "CVE-2001-0895",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-11-15T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/IOS-arp-overwrite-vuln-pub.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/399355"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/807"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/3547"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7547"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/IOS-arp-overwrite-vuln-pub.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/399355"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/807"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/3547"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7547"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.