Cisco Catalyst 5000 Series Frame STP Port Broadcast DoS (CSCdt62732)

medium Nessus Plugin ID 10980

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

When an affected Catalyst 5000 series switch receives an 802.1x (the IEEE standard for port-based network access control) frame on a port blocked by STP (Spanning Tree Protocol), it forwards the frame in that VLAN (Virtual Local Area Network) instead of dropping it. The result is a performance-impacting storm of 802.1x frames in the part of the network made up of affected Catalyst 5000 series switches. The storm subsides only when the source of the 802.1x frames is removed or one of the workarounds in the workaround section is applied.

This vulnerability is documented as Cisco bug ID CSCdt62732.

Solution

http://www.nessus.org/u?e0c2952e

Plugin Details

Severity: Medium

ID: 10980

File Name: CSCdt62732.nasl

Version: 1.19

Type: local

Family: CISCO

Published: 6/5/2002

Updated: 6/27/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: SNMP/community, SNMP/sysDesc, CISCO/model

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 4/16/2001

Reference Information

CVE: CVE-2001-0429

BID: 2604