How to Buy
This script is (C) 2010-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch
It is possible to send an Address Resolution Protocol (ARP) packet on a
local broadcast interface (for example, Ethernet, cable, Token Ring,
FDDI) which could cause a router or switch running specific versions of
Cisco IOS Software Release to stop sending and receiving ARP packets
on the local router interface. This will in a short time cause the
router and local hosts to be unable to send packets to each other. ARP
packets received by the router for the router's own interface address
but a different Media Access Control (MAC) address will overwrite the
router's MAC address in the ARP table with the one from the received
ARP packet. This was demonstrated to attendees of the Black Hat
conference and should be considered to be public knowledge. This attack
is only successful against devices on the segment local to the attacker
or attacking host.
This vulnerability is documented in Cisco Bug ID CSCdu81936, and a
workaround is available.
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 3.7
Public Exploit Available : false
Nessus Plugin ID: 48961 (cisco-sa-20011115-ios-arp-overwritehttp.nasl)
Bugtraq ID: 3547
CVE ID: CVE-2001-0895
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.