CVE-2006-4983

Sažetak

Cisco NAC allows quarantined devices to communicate over the network with (1) DNS, (2) DHCP, and (3) EAPoUDP, which allows attackers to bypass control methods by tunneling network traffic through one of these protocols.

Reference

http://www.insightix.com/files/pdf/Bypassing_NAC_Solutions_Whitepaper.pdf
http://www.osvdb.org/30977
http://www.securityfocus.com/archive/1/446421/100/0/threaded

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

17-10-2018 - 21:40

Objavljeno

26-09-2006 - 02:07