Andrew A. Vladimirov

**Name of the Vulnerable Software and Affected Versions** Cisco IOS versions after 12.3(2), 12.3(3)B, and 12.3(2)T Extended Interior Gateway Routing Protocol (EIGRP) version 1.2 **Description** The issue allows remote attackers to cause a denial of service by sending a spoofed neighbor announcement with either mismatched k values or a goodbye message Type-Length-Value (TLV). **Recommendations** For Cisco IOS versions after 12.3(2), 12.3(3)B, and 12.3(2)T, consider restricting access to the EIGRP protocol to minimize the risk of exploitation. For Extended Interior Gateway Routing Protocol (EIGRP) version 1.2, avoid using the protocol until the issue is resolved or apply configuration changes to prevent spoofed neighbor announcements. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco IOS versions 11.3 and later **Description** The issue concerns MD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2. It allows remote attackers to sniff message hashes and either replay EIGRP HELLO messages or cause a denial of service by sending a large number of spoofed EIGRP neighbor announcements. This can result in an ARP storm on the local network. **Recommendations** For Cisco IOS versions 11.3 and later, consider disabling MD5 Neighbor Authentication in EIGRP as a temporary workaround until a patch is available. Restrict access to EIGRP neighbor announcements to minimize the risk of exploitation. Avoid using the affected EIGRP protocol until the issue is resolved.