Network Access Control Vulnerability in Cisco Products
CVE-2006-4983

Currently unrated

Key Information:

Vendor: Cisco
Status: Network Access Control
Vendor: CVE Published:; 26 September 2006

Summary

Cisco's Network Access Control (NAC) systems are vulnerable due to their design, which allows quarantined devices to communicate over network protocols such as DNS, DHCP, and EAPoUDP. This loophole can be exploited by malicious actors to bypass established security measures, potentially leading to unauthorized access and communication on protected networks. Attackers can tunnel traffic through these protocols, undermining the effectiveness of NAC systems.

References

http://www.securityfocus.com/archive/1/446421/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.osvdb.org/30977

vdb-entryx_refsource_OSVDB

http://www.insightix.com/files/pdf/Bypassing_NAC_Solution...

x_refsource_MISC

Timeline

Vulnerability published
Sep 26, 2006
Vulnerability Reserved
Sep 25, 2006