PT-2005-5125 · Ieee · 802.1Q Vlan Protocol

Published

2005-12-21

Updated

2018-10-19

CVE-2005-4440

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions 802.1q VLAN protocol (affected versions not specified)

Description The issue allows remote attackers to bypass network segmentation and spoof VLAN traffic by sending a message with two 802.1q tags. This causes the second tag to be redirected from a downstream switch after the first tag has been stripped, as demonstrated by the "double-tagging VLAN jumping attack" using tools like Yersinia.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-4440

Affected Products

802.1Q Vlan Protocol

PT-2005-5125 · Ieee · 802.1Q Vlan Protocol

CVE-2005-4440

Related Identifiers

Affected Products

References · 4