VAR-200512-0083
Vulnerability from variot - Updated: 2022-05-04 09:54The PVLAN protocol allows remote attackers to bypass network segmentation and spoof PVLAN traffic via a PVLAN message with a target MAC address that is set to a gateway router, which causes the packet to be sent to the router, where the source MAC is modified, aka "Modification of the MAC spoofing PVLAN jumping attack," as demonstrated by pvlan.c. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ VLAN (Virtual LAN) Is LAN By setting a virtual group different from the physical connection form, LAN The terminal has a switch function MAC Address or IP Groups according to address, protocol used, etc. Also, PVLAN (Private VLAN) Is more than one VLAN Is a function that configures one subnet by combining IEEE Standardized by VLAN Standard of 802.1q Is Cisco IOS Works Cisco Catalyst And many other switching devices. 802.1q On the frame flowing through the network VLAN Identification ID ( tag ) Which switch is VLAN Between multiple switches VLAN Can be configured. Cisco IOS Implemented in VLAN/PVLAN Has the following security issues that allow it to communicate to hosts on different isolated segments: 1) Intentionally created 2 Horn IEEE 802.1q When a packet containing a tag is sent, VLAN There is an issue where it is possible to send packets to hosts on segments separated by. In addition, hosts that can communicate with the target host in packets that exploit these issues ( Host managed by attacker ) From IP By spoofing the address, it is possible to control the destination of response packets from the target host. When used by a remote attacker, as a result, the attacker may gain access to a target host that is otherwise inaccessible and attempt further attacks.Please refer to the “Overview” for the impact of this vulnerability. Pvlan Protocol is prone to a security bypass vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0083",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pvlan protocol",
"scope": "eq",
"trust": 1.0,
"vendor": "pvlan protocol",
"version": "*"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.4"
},
{
"model": "pvlan protocol",
"scope": null,
"trust": 0.6,
"vendor": "pvlan protocol",
"version": null
},
{
"model": "protocol pvlan protocol",
"scope": "eq",
"trust": 0.3,
"vendor": "pvlan",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "88928"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000743"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-434"
},
{
"db": "NVD",
"id": "CVE-2005-4441"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:pvlan_protocol:pvlan_protocol:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "88928"
}
],
"trust": 0.3
},
"cve": "CVE-2005-4441",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-4441",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 1.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-4441",
"trust": 1.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-434",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2005-4441",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2005-4441"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000743"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-434"
},
{
"db": "NVD",
"id": "CVE-2005-4441"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The PVLAN protocol allows remote attackers to bypass network segmentation and spoof PVLAN traffic via a PVLAN message with a target MAC address that is set to a gateway router, which causes the packet to be sent to the router, where the source MAC is modified, aka \"Modification of the MAC spoofing PVLAN jumping attack,\" as demonstrated by pvlan.c. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ VLAN (Virtual LAN) Is LAN By setting a virtual group different from the physical connection form, LAN The terminal has a switch function MAC Address or IP Groups according to address, protocol used, etc. Also, PVLAN (Private VLAN) Is more than one VLAN Is a function that configures one subnet by combining IEEE Standardized by VLAN Standard of 802.1q Is Cisco IOS Works Cisco Catalyst And many other switching devices. 802.1q On the frame flowing through the network VLAN Identification ID ( tag ) Which switch is VLAN Between multiple switches VLAN Can be configured. Cisco IOS Implemented in VLAN/PVLAN Has the following security issues that allow it to communicate to hosts on different isolated segments: 1) Intentionally created 2 Horn IEEE 802.1q When a packet containing a tag is sent, VLAN There is an issue where it is possible to send packets to hosts on segments separated by. In addition, hosts that can communicate with the target host in packets that exploit these issues ( Host managed by attacker ) From IP By spoofing the address, it is possible to control the destination of response packets from the target host. When used by a remote attacker, as a result, the attacker may gain access to a target host that is otherwise inaccessible and attempt further attacks.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Pvlan Protocol is prone to a security bypass vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4441"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000743"
},
{
"db": "BID",
"id": "88928"
},
{
"db": "VULMON",
"id": "CVE-2005-4441"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-4441",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000743",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20051219 RE: MAKING UNIDIRECTIONAL VLAN AND PVLAN JUMPING BIDIRECTIONAL",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20051219 MAKING UNIDIRECTIONAL VLAN AND PVLAN JUMPING BIDIRECTIONAL",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20051219 MAKING UNIDIRECTIONAL VLAN AND PVLAN JUMPING BIDIRECTIONAL",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200512-434",
"trust": 0.6
},
{
"db": "BID",
"id": "88928",
"trust": 0.4
},
{
"db": "VULMON",
"id": "CVE-2005-4441",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2005-4441"
},
{
"db": "BID",
"id": "88928"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000743"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-434"
},
{
"db": "NVD",
"id": "CVE-2005-4441"
}
]
},
"id": "VAR-200512-0083",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-04T09:54:10.847000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-response-20051220-pvlan",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-response-20051220-pvlan.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000743"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4441"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-december/040333.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/419831/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/419834/100/0/threaded"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/archive/1/archive/1/419834/100/0/threaded"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/archive/1/archive/1/419831/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-4441"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-4441"
},
{
"trust": 0.8,
"url": "http://www.securiteam.com/securitynews/6l00o00euc.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/88928"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2005-4441"
},
{
"db": "BID",
"id": "88928"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000743"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-434"
},
{
"db": "NVD",
"id": "CVE-2005-4441"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2005-4441"
},
{
"db": "BID",
"id": "88928"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000743"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-434"
},
{
"db": "NVD",
"id": "CVE-2005-4441"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-12-21T00:00:00",
"db": "VULMON",
"id": "CVE-2005-4441"
},
{
"date": "2005-12-20T00:00:00",
"db": "BID",
"id": "88928"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000743"
},
{
"date": "2005-12-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-434"
},
{
"date": "2005-12-21T02:03:00",
"db": "NVD",
"id": "CVE-2005-4441"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-19T00:00:00",
"db": "VULMON",
"id": "CVE-2005-4441"
},
{
"date": "2005-12-20T00:00:00",
"db": "BID",
"id": "88928"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000743"
},
{
"date": "2006-01-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-434"
},
{
"date": "2018-10-19T15:40:00",
"db": "NVD",
"id": "CVE-2005-4441"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-434"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS of PVLAN In the protocol Traffic spoofing and segment avoidance vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000743"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-434"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…