Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3803

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2008-3803
Last Modified 29 Oct 2012 11:15:44
Published 26 Sep 2008 12:21:44
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2008-3803

Summary

A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from other VPNs in opportunistic circumstances.

Vulnerable Systems


References

VUPEN - ADV-2008-2670

BID - 31366

CISCO - 20080924 Cisco IOS MPLS VPN May Leak Information

SECUNIA - 31990

SECTRACK - 1020940


Last Updated: 27 May 2016 10:49:43