Cisco VLAN Trunking Protocol Vulnerability

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The VTP implementation in Cisco IOS is potentially vulnerable to a
denial of service attack via a specially crafted VTP packet sent from
the local network segment when the device is operating in either
server or client VTP mode. When the device receives the specially
crafted VTP packet, the switch may crash. The crafted packet must be
received on a switch interface configured to operate as a trunk
port.

See also :

http://www.nessus.org/u?5bd792d8
http://archives.neohapsis.com/archives/fulldisclosure/2009-01/0549.html

Solution :

Apply the relevant patch, which can be obtained from the Cisco Bug
tracker.

Risk factor :

Medium / CVSS Base Score : 5.7
(CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 4.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 17792

Bugtraq ID: 32120

CVE ID: CVE-2008-4963