CVE-2006-4775 - Vulnerability Details - OpenCVE

The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Catos Ios

Configuration 1 [-]

cpe:2.3:o:cisco:ios:12.1\(19\):*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:cisco:catos:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://secunia.com/advisories/21896
http://secunia.com/advisories/21902
http://securitytracker.com/id?1016843
http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml
http://www.kb.cert.org/vuls/id/175148
http://www.osvdb.org/28776
http://www.phenoelit.de/stuff/CiscoVTP.txt
http://www.securityfocus.com/archive/1/445896/100/0/threaded
http://www.securityfocus.com/archive/1/445938/100/0/threaded
http://www.securityfocus.com/bid/19998
http://www.vupen.com/english/advisories/2006/3600
https://exchange.xforce.ibmcloud.com/vulnerabilities/28925

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-09-14T00:00:00

Updated: 2024-08-07T19:23:40.975Z

Reserved: 2006-09-13T00:00:00

Link: CVE-2006-4775

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-09-14T00:07:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2006-4775

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-09-13T00:00:00", "descriptions": [{"lang": "en", "value": "The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.phenoelit.de/stuff/CiscoVTP.txt"}, {"name": "21896", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21896"}, {"name": "19998", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/19998"}, {"name": "28776", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/28776"}, {"name": "20060913 Cisco VLAN Trunking Protocol Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"}, {"name": "1016843", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016843"}, {"name": "20060913 Re: Cisco IOS VTP issues", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/445938/100/0/threaded"}, {"name": "ADV-2006-3600", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/3600"}, {"name": "cisco-ios-vtp-wrap-config-manipulation(28925)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28925"}, {"name": "VU#175148", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/175148"}, {"name": "20060913 Cisco IOS VTP issues", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/445896/100/0/threaded"}, {"name": "21902", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21902"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4775", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.phenoelit.de/stuff/CiscoVTP.txt", "refsource": "MISC", "url": "http://www.phenoelit.de/stuff/CiscoVTP.txt"}, {"name": "21896", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21896"}, {"name": "19998", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19998"}, {"name": "28776", "refsource": "OSVDB", "url": "http://www.osvdb.org/28776"}, {"name": "20060913 Cisco VLAN Trunking Protocol Vulnerabilities", "refsource": "CISCO", "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"}, {"name": "1016843", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016843"}, {"name": "20060913 Re: Cisco IOS VTP issues", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/445938/100/0/threaded"}, {"name": "ADV-2006-3600", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3600"}, {"name": "cisco-ios-vtp-wrap-config-manipulation(28925)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28925"}, {"name": "VU#175148", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/175148"}, {"name": "20060913 Cisco IOS VTP issues", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/445896/100/0/threaded"}, {"name": "21902", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21902"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T19:23:40.975Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.phenoelit.de/stuff/CiscoVTP.txt"}, {"name": "21896", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21896"}, {"name": "19998", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/19998"}, {"name": "28776", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/28776"}, {"name": "20060913 Cisco VLAN Trunking Protocol Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"}, {"name": "1016843", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1016843"}, {"name": "20060913 Re: Cisco IOS VTP issues", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/445938/100/0/threaded"}, {"name": "ADV-2006-3600", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/3600"}, {"name": "cisco-ios-vtp-wrap-config-manipulation(28925)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28925"}, {"name": "VU#175148", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/175148"}, {"name": "20060913 Cisco IOS VTP issues", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/445896/100/0/threaded"}, {"name": "21902", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21902"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4775", "datePublished": "2006-09-14T00:00:00", "dateReserved": "2006-09-13T00:00:00", "dateUpdated": "2024-08-07T19:23:40.975Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\):*:*:*:*:*:*:*", "matchCriteriaId": "4944AFEF-D002-4C86-958A-4EB753399FB5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:catos:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE3424FF-8507-4C7A-8858-EA89931A74DB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context."}, {"lang": "es", "value": "El VLAN Trunking Protocol (VTP) caracter\u00edstico en Cisco IOS 12.1(19) y CatOS permite a un atacante remoto provocar una denegaci\u00f3n de servicio con el env\u00edo de una actualizaci\u00f3n de VTP con un valor de revisi\u00f3n de 0x7FFFFFFF, el cual se incrementa a 0x80000000 y es interpretado como un n\u00famero negativo en un contexto de se\u00f1ales."}], "id": "CVE-2006-4775", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-09-14T00:07:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21896"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21902"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1016843"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/175148"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/28776"}, {"source": "cve@mitre.org", "url": "http://www.phenoelit.de/stuff/CiscoVTP.txt"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/445896/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/445938/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/19998"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/3600"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28925"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21896"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21902"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1016843"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/175148"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/28776"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.phenoelit.de/stuff/CiscoVTP.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/445896/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/445938/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/19998"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/3600"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28925"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}