CVE-2006-4982

Currently unrated

Key Information:

Vendor: Cisco
Status: Network Access Control
Vendor: CVE Published:; 26 September 2006

Summary

Cisco NAC maintains an exception list that does not record device properties other than MAC address, which allows physically proximate attackers to bypass control methods and join a local network by spoofing the MAC address of a different type of device, as demonstrated by using the MAC address of a disconnected printer.

References

http://www.securityfocus.com/archive/1/446421/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.insightix.com/files/pdf/Bypassing_NAC_Solution...

x_refsource_MISC

http://www.osvdb.org/30978

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Sep 26, 2006
Vulnerability Reserved
Sep 25, 2006