CVE-2008-4963 - Vulnerability Details - OpenCVE

Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Catos Ios

Configuration 1 [-]

OR	cpe:2.3:o:cisco:catos::::::::
	cpe:2.3:o:cisco:ios::::::::

No data.

References

Link	Providers
http://osvdb.org/49601
http://secunia.com/advisories/32573
http://securitytracker.com/id?1021143
http://www.cisco.com/en/US/products/products_security_response09186a0080a231cf.html
http://www.securityfocus.com/bid/32120
http://www.securitytracker.com/id?1021144
https://exchange.xforce.ibmcloud.com/vulnerabilities/46346

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-11-06T11:00:00

Updated: 2024-08-07T10:31:28.334Z

Reserved: 2008-11-06T00:00:00

Link: CVE-2008-4963

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2008-11-06T15:55:51.713

Modified: 2025-04-09T00:30:58.490

Link: CVE-2008-4963

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-11-05T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "32573", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32573"}, {"name": "20081105 Cisco VLAN Trunking Protocol Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a231cf.html"}, {"name": "1021143", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1021143"}, {"name": "1021144", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021144"}, {"name": "cisco-ios-catos-vtp-dos(46346)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46346"}, {"name": "32120", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/32120"}, {"name": "49601", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/49601"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-4963", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "32573", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32573"}, {"name": "20081105 Cisco VLAN Trunking Protocol Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a231cf.html"}, {"name": "1021143", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1021143"}, {"name": "1021144", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021144"}, {"name": "cisco-ios-catos-vtp-dos(46346)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46346"}, {"name": "32120", "refsource": "BID", "url": "http://www.securityfocus.com/bid/32120"}, {"name": "49601", "refsource": "OSVDB", "url": "http://osvdb.org/49601"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T10:31:28.334Z"}, "title": "CVE Program Container", "references": [{"name": "32573", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32573"}, {"name": "20081105 Cisco VLAN Trunking Protocol Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a231cf.html"}, {"name": "1021143", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1021143"}, {"name": "1021144", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021144"}, {"name": "cisco-ios-catos-vtp-dos(46346)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46346"}, {"name": "32120", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/32120"}, {"name": "49601", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/49601"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-4963", "datePublished": "2008-11-06T11:00:00", "dateReserved": "2008-11-06T00:00:00", "dateUpdated": "2024-08-07T10:31:28.334Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:catos:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE3424FF-8507-4C7A-8858-EA89931A74DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", "matchCriteriaId": "5802E2D8-7069-474C-826F-AEE7B50BFE34", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port."}, {"lang": "es", "value": "Vulnerabilidad inespec\u00edfica en la implementaci\u00f3n en Cisco IOS y CatOS del protocolo VLAN Trunking (VTP), cuando el modo de operaci\u00f3n de VTP no es transparente, permite a atacantes remotos producir una denegaci\u00f3n de servicio (el dispositivo se recarga o se cuelga) a trav\u00e9s de un paquete VTP manipulado."}], "id": "CVE-2008-4963", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-11-06T15:55:51.713", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/49601"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/32573"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1021143"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a231cf.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/32120"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1021144"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46346"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/49601"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/32573"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1021143"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a231cf.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/32120"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1021144"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46346"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}