PT-2006-5550 · Cisco · Cisco Ios+1

Fx · Published 2006-09-13 · Updated 2018-10-17 · CVE-2006-4775

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions

Cisco IOS version 12.1(19)
Cisco Catalyst OS (affected versions not specified)

Description

The issue is in the VLAN Trunking Protocol (VTP) feature and allows a remote attacker to cause a denial of service by sending a VTP update carrying a specific revision value. The root cause is an integer overflow in the VTP statistics counters: an authenticated, remote attacker sends a spoofed VTP summary packet that makes a VTP statistics parameter wrap to a negative number. The affected device may then stop processing further configuration changes, which can result in a denial of service (DoS) condition. To exploit this, an attacker must have access to the local network and, in some cases, must know the VTP domain password.

Recommendations

For Cisco IOS version 12.1(19), update to a newer version that includes the fix for this issue.
For Cisco Catalyst OS, update to a newer version that includes the fix for this issue.
As a temporary workaround, restrict access to the VTP feature until a patch is applied.
Restrict access to the local network to minimize the risk of exploitation.
Configure VTP with an authentication password so that an attacker must know the domain password, which makes exploitation more difficult.
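The following Cisco IOS configuration fragment is an added illustration of the workarounds listed above; it is not taken from the record or from Cisco's advisory. It assumes a Catalyst-style switch where VTP is not needed (so VTP is set to transparent mode), a VTP domain and password that are placeholders, and a user-facing port (GigabitEthernet1/0/1) that should never negotiate a trunk. Which ports are user-facing and whether your environment can run without VTP are assumptions you must confirm before applying anything.

```text
! --- Added example, not part of the original record ---
! Keep the switch from acting on VTP updates from other devices.
! Transparent mode forwards VTP frames but does not apply them
! to the local VLAN database, so a spoofed summary advertisement
! cannot change local state.
vtp mode transparent
!
! If VTP must stay in server/client mode, at least require the
! domain password (placeholder values below) so that a forged
! advertisement without the correct MD5 digest is rejected.
vtp domain EXAMPLE-DOMAIN
vtp password CHANGE-ME-PLACEHOLDER
!
! VTP is only received on trunk ports. Access ports that never
! negotiate a trunk do not give a host on that segment a path
! to inject VTP frames.
interface GigabitEthernet1/0/1
 switchport mode access
 switchport nonegotiate
 spanning-tree portfast
!
! Verification after the change (operational commands, not config):
!   show vtp status     - confirms mode, domain and revision number
!   show vtp counters   - shows the summary/subset advertisement
!                         counters whose overflow this issue concerns
```

The `show vtp counters` output is the place to watch: an unexpected jump in received summary advertisements, or a revision number in `show vtp status` that nobody on the team changed, is the observable symptom of a forged VTP update reaching a switch.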

Fix

DoS


Weakness Enumeration

Related Identifiers

CVE-2006-4775

Affected Products

Cisco Catalyst Os
Cisco Ios