CVE-2005-1942
CVSS7.5
发布时间 :2005-06-10 00:00:00
修订时间 :2016-10-17 23:23:20
NMCO    

[原文]Cisco switches that support 802.1x security allow remote attackers to bypass port security and gain access to the VLAN via spoofed Cisco Discovery Protocol (CDP) messages.


[CNNVD]Cisco switches 绕过安全检查漏洞(CNNVD-200506-100)

        支持802.1x安全标准的思科交换机存在安全漏洞,远程攻击者可通过欺骗思科发现协议(CDP)消息来绕过端口安全检查并获得VLAN(虚拟局域网)的访问权限。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1942
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1942
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200506-100
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=111842833009771&w=2
(UNKNOWN)  BUGTRAQ  20050610 Voice VLAN Access/Abuse Possible on Cisco voice-enabled, 802.1x-secured Interfaces Vulnerability Discovery: FishNet Security
http://www.cisco.com/warp/public/707/cisco-sn-20050608-8021x.shtml
(UNKNOWN)  CISCO  20050608 Cisco 802.1x Voice-Enabled Interfaces Allow Anonymous Voice VLAN Access
http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+802.1x+Advisory.pdf
(VENDOR_ADVISORY)  MISC  http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+802.1x+Advisory.pdf
http://www.securitytracker.com/alerts/2005/Jun/1014135.html
(VENDOR_ADVISORY)  SECTRACK  1014135
http://xforce.iss.net/xforce/xfdb/20939
(VENDOR_ADVISORY)  XF  cisco-callmanager-voice-gain-access(20939)

- 漏洞信息

Cisco switches 绕过安全检查漏洞
高危 未知
2005-06-10 00:00:00 2005-10-20 00:00:00
远程  
        支持802.1x安全标准的思科交换机存在安全漏洞,远程攻击者可通过欺骗思科发现协议(CDP)消息来绕过端口安全检查并获得VLAN(虚拟局域网)的访问权限。

- 公告与补丁

        

- 漏洞信息

17291
Cisco 802.1x Crafted CDP Message Anonymous Voice VLAN Access
Physical Access Required Authentication Management, Input Manipulation, Misconfiguration
Loss of Confidentiality, Loss of Integrity

- 漏洞描述

Cisco VoIP phones with 802.1x authentication contain a flaw that may allow a malicious user to connect anonymously to the voice VLAN. The issue is triggered when a spoofed Cisco Discovery Protocol packet is sent through the Cisco IP phone to a switch which supports both 802.1x authentication and Cisco VoIP phones. It is possible that the flaw may allow 802.1x authentication to the voice VLAN rather than the data VLAN, resulting in a loss of confidentiality, and/or integrity.

- 时间线

2005-06-08 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): For switches with newer versions of CatOS software, DHCP snooping, port security, Dynamic ARP Inspection (DAI) and IP Source Guard may help to limit the scope of data link layer attacks. Cisco recommends that the user read their "Cisco Catalyst Integrated Security-Enabling the Self-Defending Network" whitepaper. Certificate-based authentication and encryption of voice signaling and media are available on newer versions of Cisco CallManager. Cisco also recommends that the user read the product data sheet for Cisco CallManager Version 4.1 for further information.

- 相关参考

- 漏洞作者

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站