Vulnerability CVE-2005-4441

Vulnerability Name:

CVE-2005-4441 (CCN-3294)

Assigned:

1999-09-02

Published:

1999-09-02

Updated:

2018-10-19

Summary:

The PVLAN protocol allows remote attackers to bypass network segmentation and spoof PVLAN traffic via a PVLAN message with a target MAC address that is set to a gateway router, which causes the packet to be sent to the router, where the source MAC is modified, aka "Modification of the MAC spoofing PVLAN jumping attack," as demonstrated by pvlan.c.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-Other

Vulnerability Consequences:

Bypass Security

References:

Source: CCN
Type: BugTraq Mailing List, Wed, 1 Sep 1999 16:44:36 +0800
VLAN Security

Source: CCN
Type: BugTraq Mailing List, Mon Dec 19 2005 - 11:27:33 CST
Making unidirectional VLAN and PVLAN jumping bidirectional

Source: CCN
Type: BugTraq Mailing List, Mon Dec 19 2005 - 16:26:16 CST
Re: Making unidirectional VLAN and PVLAN jumping bidirectional

Source: MITRE
Type: CNA
CVE-1999-1129

Source: MITRE
Type: CNA
CVE-2005-4440

Source: MITRE
Type: CNA
CVE-2005-4441

Source: FULLDISC
Type: UNKNOWN
20051219 Making unidirectional VLAN and PVLAN jumping bidirectional

Source: CCN
Type: IEEE Web site
IEEE 802.1Q Virtual Bridged Local Area Networks

Source: CCN
Type: Cisco Security Notice: Document ID 68469
Cisco Security Notice: Response to Making Unidirectional VLAN and PVLAN Jumping Bidirectional

Source: CCN
Type: Cisco Systems Documentation
Configuration Examples Related to VLAN Features

Source: CCN
Type: Cisco Systems Technical Tips
Cisco Product Security Incident Response

Source: CCN
Type: OSVDB ID: 22192
Multiple Vendor 802.1q P/VLAN Unidirection Bypass

Source: CCN
Type: OSVDB ID: 8792
Cisco Catalyst VLAN 802.1q Frame Injection

Source: BUGTRAQ
Type: UNKNOWN
20051219 Making unidirectional VLAN and PVLAN jumping bidirectional

Source: BUGTRAQ
Type: UNKNOWN
20051219 Re: Making unidirectional VLAN and PVLAN jumping bidirectional

Source: CCN
Type: BID-615
IEEE 802.1q Unauthorized VLAN Traversal Weakness

Source: XF
Type: UNKNOWN
cisco-catalyst-vlan-frames(3294)

Vulnerable Configuration:

Configuration 1:

cpe:/a:pvlan_protocol:pvlan_protocol:*:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/h:cisco:catalyst:*:*:*:*:*:*:*:*

OR cpe:/o:cisco:ios:*:*:*:*:*:*:*:*

Denotes that component is vulnerable

BACK