CVE-2005-4437

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 11.3 and later

Description The issue concerns MD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2. It allows remote attackers to sniff message hashes and either replay EIGRP HELLO messages or cause a denial of service by sending a large number of spoofed EIGRP neighbor announcements. This can result in an ARP storm on the local network.

Recommendations For Cisco IOS versions 11.3 and later, consider disabling MD5 Neighbor Authentication in EIGRP as a temporary workaround until a patch is available. Restrict access to EIGRP neighbor announcements to minimize the risk of exploitation. Avoid using the affected EIGRP protocol until the issue is resolved.