7.8
HIGH
CVE-2005-4258
Cisco Catalyst Switches IP SYN Flooding Denial of Service Vulnerability
Description

Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID.

INFO

Published Date :

Dec. 15, 2005, 11:03 a.m.

Last Modified :

July 20, 2017, 1:29 a.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

6.9

Exploitability Score :

10.0
Affected Products

The following products are affected by CVE-2005-4258 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Cisco ios
2 Cisco catalyst
3 Cisco catalyst_1200_series
4 Cisco catalyst_1900_series
5 Cisco catalyst_2800_series
6 Cisco catalyst_2820
7 Cisco catalyst_2900
8 Cisco catalyst_2901
9 Cisco catalyst_2902
10 Cisco catalyst_2920
11 Cisco catalyst_2926
12 Cisco catalyst_2926f
13 Cisco catalyst_2926gl
14 Cisco catalyst_2926gs
15 Cisco catalyst_2926t
16 Cisco catalyst_2940
17 Cisco catalyst_2948
18 Cisco catalyst_2948-ge-tx
19 Cisco catalyst_2948g-l3
20 Cisco catalyst_2950
21 Cisco catalyst_2950_lre
22 Cisco catalyst_2955
23 Cisco catalyst_2970
24 Cisco catalyst_2980g
25 Cisco catalyst_2980g-a
26 Cisco catalyst_3000
27 Cisco catalyst_3200
28 Cisco catalyst_3500_xl
29 Cisco catalyst_3550
30 Cisco catalyst_3560
31 Cisco catalyst_3750
32 Cisco catalyst_3750_metro
33 Cisco catalyst_3900
34 Cisco catalyst_4000
35 Cisco catalyst_4200
36 Cisco catalyst_4224
37 Cisco catalyst_4232
38 Cisco catalyst_4232-13
39 Cisco catalyst_4500
40 Cisco catalyst_4503
41 Cisco catalyst_4506
42 Cisco catalyst_4507r
43 Cisco catalyst_4510r
44 Cisco catalyst_4840g
45 Cisco catalyst_4908g-l3
46 Cisco catalyst_4912g
47 Cisco catalyst_4948
48 Cisco catalyst_5000
49 Cisco catalyst_5505
50 Cisco catalyst_5509
51 Cisco catalyst_6000
52 Cisco catalyst_6000_ws-svc-nam-1
53 Cisco catalyst_6000_ws-svc-nam-2
54 Cisco catalyst_6000_ws-x6380-nam
55 Cisco catalyst_6500
56 Cisco catalyst_6500_ws-svc-nam-1
57 Cisco catalyst_6500_ws-svc-nam-2
58 Cisco catalyst_6500_ws-x6380-nam
59 Cisco catalyst_6608
60 Cisco catalyst_6624
61 Cisco catalyst_7600
62 Cisco catalyst_7600_ws-svc-nam-1
63 Cisco catalyst_7600_ws-svc-nam-2
64 Cisco catalyst_7600_ws-x6380-nam
65 Cisco catalyst_8500
66 Cisco catalyst_8510csr
67 Cisco catalyst_8510msr
68 Cisco catalyst_8540csr
69 Cisco catalyst_8540msr
70 Cisco catalyst_ws-c2924-xl
71 Cisco catos
: Total Affected Vendor : 1 | Products : 71
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2005-4258.

URL Resource
http://www.securityfocus.com/bid/15864 Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/44543

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2005-4258 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2005-4258 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Jul. 20, 2017

    Action Type Old Value New Value
    Removed Reference http://xforce.iss.net/xforce/xfdb/44543 [No Types Assigned]
    Added Reference https://exchange.xforce.ibmcloud.com/vulnerabilities/44543 [No Types Assigned]
  • Initial Analysis by [email protected]

    Dec. 15, 2005

    Action Type Old Value New Value
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2005-4258 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2005-4258 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.24 }} -0.00%

score

0.63719

percentile

CVSS2 - Vulnerability Scoring System
Access Vector
Access Complexity
Authentication
Confidentiality
Integrity
Availability
: