CVE-2005-4436

Name of the Vulnerable Software and Affected Versions Cisco IOS versions after 12.3(2), 12.3(3)B, and 12.3(2)T Extended Interior Gateway Routing Protocol (EIGRP) version 1.2

Description The issue allows remote attackers to cause a denial of service by sending a spoofed neighbor announcement with either mismatched k values or a goodbye message Type-Length-Value (TLV).

Recommendations For Cisco IOS versions after 12.3(2), 12.3(3)B, and 12.3(2)T, consider restricting access to the EIGRP protocol to minimize the risk of exploitation. For Extended Interior Gateway Routing Protocol (EIGRP) version 1.2, avoid using the protocol until the issue is resolved or apply configuration changes to prevent spoofed neighbor announcements. At the moment, there is no information about a newer version that contains a fix for this vulnerability.