var-200609-0179
Vulnerability from variot
The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context. Cisco IOS fails to properly verify the VTP configuration revision number.

This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that it includes the contents of vulnerability information other than the title.

There are several security issues in the Cisco IOS implementation of the VLAN Trunking Protocol (VTP):

1) There is a flaw in the processing of the VTP version field included in VTP packets; if an inappropriate value is set, processing goes into a loop and the device is reset (CVE-2006-4774). If exploited by a remote attacker, the device could go into a denial of service.
2) The configuration revision number is processed as a negative integer, so changes to VLAN configuration information are not properly reflected (CVE-2006-4775). If exploited by a remote attacker, changes to VLAN configuration information may be hindered.
3) There is a flaw in checking the length of the VLAN name; a heap overflow occurs when processing names longer than 100 characters (CVE-2006-4776). If exploited by a remote attacker, the device could go into a denial of service or potentially execute arbitrary code.

Please refer to the "Overview" for the impact of this vulnerability.

Cisco IOS is prone to multiple vulnerabilities when handling VLAN Trunking Protocol (VTP) packets. These issues include two denial-of-service vulnerabilities and a buffer-overflow vulnerability. Attackers require access to trunk ports on affected devices for VTP packets to be accepted. Attackers may reportedly use the Dynamic Trunk Protocol (DTP) to become a trunking peer to gain required access. By exploiting these issues, attackers may crash affected routers, cause further VTP packets to be ignored, or potentially execute arbitrary machine code in the context of affected devices. Cisco IOS 12.1(19) is vulnerable to these issues; other versions are also likely affected.

2) VTP revision number integer wrap: If an attacker can send VTP updates (summary and subset) to a Cisco IOS or CatOS device, he can choose the revision number of the VTP message himself. IOS will accept the revision number 0x7FFFFFFF. Once incremented to 0x80000000, this revision number is treated as a large negative value. From this point on, the switch cannot communicate changed VLAN configuration, as all other switches will reject the generated updates.

3) VLAN name heap overflow: If an attacker is able to send VTP updates to the Cisco IOS device, type 2 frames contain record of. One field of the VTP record contains the name of the VLAN, and the other field is the length of the name. If the updated VLAN name is larger than 100 bytes and the VLAN name length field is correct, it will cause a heap overflow and execute arbitrary code on the receiving switch.
TITLE: Cisco IOS VTP Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA21896
VERIFY ADVISORY: http://secunia.com/advisories/21896/
CRITICAL: Moderately critical
IMPACT: Manipulation of data, DoS, System access
WHERE: From local network
OPERATING SYSTEM:
Cisco IOS 10.x http://secunia.com/product/184/
Cisco IOS 11.x http://secunia.com/product/183/
Cisco IOS 12.x http://secunia.com/product/182/
Cisco IOS R11.x http://secunia.com/product/53/
Cisco IOS R12.x http://secunia.com/product/50/
DESCRIPTION: FX has reported some vulnerabilities in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable network device. This can be exploited to reset the switch with a Software Forced Crash Exception by sending a specially crafted packet to a trunk enabled port.
2) An integer overflow error exists in the VTP configuration revision handling.
3) A boundary error exists in the processing of VTP summary advertisement messages. This can be exploited to cause a heap-based buffer overflow by sending a specially crafted message containing an overly long VLAN name (more than 100 characters) to a trunk enabled port.
NOTE: The packets must be received with a matching domain name and a matching VTP domain password (if configured).
SOLUTION: A fix is reportedly available for vulnerability #1. The vendor also recommends applying a VTP domain password to the VTP domain (see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: FX, Phenoelit.
ORIGINAL ADVISORY: Phenoelit: http://www.phenoelit.de/stuff/CiscoVTP.txt
Cisco: http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml