Cisco IOS EIGRP Announcement ARP Denial Of Service Vulnerability

Internet Operating System (IOS) is the firmware developed and maintained by Cisco for its routers.

A system sending spoofed EIGRP announcements may cause a denial of service to all routers and systems on a given network segment. Due to improper limits in the attempt to discover routers, a neighbor announcement received by routers on a given network segment will result in an address resolution protocol (ARP) storm, filling network capacity while routers attempt to contact the announcing neighbor. Additionally, resources on the router such as CPU will also become bound while the router attempts to reach the announcing neighbor. It should be noted that it is also possible to exploit this vulnerability on systems that accept EIGRP announcements via unicast.
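
One way to spot the condition described above from the defender's side, as an added example that is not part of the original advisory: it correlates EIGRP hellos from hosts outside an assumed neighbor allowlist with the rate of ARP requests for that same address. The event tuple format, addresses, window and threshold are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Constructed sample events, not captured traffic.
# Tuple layout (an assumption of this example): (time_s, kind, sender_ip, target_ip)
#   kind "eigrp_hello": sender_ip announced itself as a neighbor; target_ip is None
#   kind "arp_request": sender_ip is asking who has target_ip
KNOWN_NEIGHBORS = {"192.0.2.1", "192.0.2.2"}  # routers expected on this segment
SAMPLE_EVENTS = (
    [(0.0, "eigrp_hello", "192.0.2.2", None),
     (0.1, "arp_request", "192.0.2.1", "192.0.2.2"),   # normal resolution
     (0.5, "eigrp_hello", "192.0.2.50", None),         # unlisted but quiet
     (0.6, "arp_request", "192.0.2.1", "192.0.2.50"),
     (0.7, "arp_request", "192.0.2.2", "192.0.2.50"),
     (1.0, "eigrp_hello", "192.0.2.77", None)]         # unlisted announcer
    # 40 ARP requests for the announcer within 0.4 s
    + [(1.0 + i * 0.01, "arp_request", "192.0.2.1", "192.0.2.77")
       for i in range(1, 41)]
)

def find_arp_storms(events, known_neighbors, window=1.0, threshold=5):
    """Return {announcer_ip: peak ARP requests seen in any `window` seconds}
    for unlisted EIGRP announcers whose address is being ARPed for at or
    above `threshold` requests per window."""
    announced = set()             # unlisted hosts that sent an EIGRP hello
    recent = defaultdict(deque)   # target ip -> request times inside window
    peaks = {}
    for ts, kind, sender, target in sorted(events, key=lambda e: e[0]):
        if kind == "eigrp_hello":
            if sender not in known_neighbors:
                announced.add(sender)
        elif kind == "arp_request" and target in announced:
            times = recent[target]
            times.append(ts)
            # Drop requests that have fallen out of the sliding window.
            while ts - times[0] > window:
                times.popleft()
            if len(times) >= threshold:
                peaks[target] = max(peaks.get(target, 0), len(times))
    return peaks

if __name__ == "__main__":
    for ip, peak in find_arp_storms(SAMPLE_EVENTS, KNOWN_NEIGHBORS).items():
        print(f"possible ARP storm: {peak} requests/window for announcer {ip}")
```
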


 

Copyright 2010, SecurityFocus