CVE-2005-4437

high

Description

MD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS 11.3 and later, does not include the Message Authentication Code (MAC) in the checksum, which allows remote attackers to sniff message hashes and (1) replay EIGRP HELLO messages or (2) cause a denial of service by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5741

http://www.vupen.com/english/advisories/2005/3008

http://www.securityfocus.com/bid/15970

http://www.securityfocus.com/archive/1/419898/100/0/threaded

http://www.securityfocus.com/archive/1/419830/100/0/threaded

http://securitytracker.com/id?1015382

http://securityreason.com/securityalert/274

http://marc.info/?l=full-disclosure&m=113504451523186&w=2

http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040332.html

Details

Source: Mitre, NVD

Published: 2005-12-21

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.03471