Cisco Catalyst 5000 series switch 802.1x denial of service

cisco-catalyst-8021x-dos (6379). The risk level is classified as Medium Risk.

Description:

Cisco Catalyst 5000 series switches are vulnerable to a denial of service attack. When a Cisco Catalyst 5000 series switch receives an 802.1x frame on a port that Spanning Tree Protocol (STP) has placed in the blocked state, the switch does not drop the frame but instead forwards it in the Virtual Local Area Network (VLAN). This causes a network storm of 802.1x frames, which slows the performance of the network. The Catalyst 5000 series switch does not respond to any SNMP, Telnet, or HTTP requests.
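
To spot the storm described above from a packet capture taken on the affected VLAN, the following added example (not part of the original advisory or of any Cisco tooling) counts 802.1x frames per VLAN per second and flags windows dominated by one identical, repeating frame. The function names, the thresholds and the sample frames are assumptions constructed for illustration.

```python
import hashlib
import struct
from collections import Counter

ETH_P_8021Q = 0x8100  # 802.1Q VLAN tag
ETH_P_PAE = 0x888E    # 802.1X (EAPOL) EtherType
PAE_GROUP = bytes.fromhex("0180c2000003")  # 802.1X PAE group address

def parse_eapol(frame):
    """Return (vlan_id, digest) for an 802.1X frame, or None for anything else."""
    if len(frame) < 14:
        return None
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vlan, offset = 0, 14  # vlan 0 = untagged
    if ethertype == ETH_P_8021Q and len(frame) >= 18:
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan, offset = tci & 0x0FFF, 18
    if ethertype != ETH_P_PAE:
        return None
    # Source MAC + EAPOL body: a frame circulating in a loop hashes identically.
    return vlan, hashlib.sha256(frame[6:12] + frame[offset:]).hexdigest()

def detect_storm(capture, window=1.0, rate_limit=100, repeat_limit=20):
    """capture: iterable of (timestamp_seconds, raw_frame). Thresholds are assumed."""
    buckets = {}
    for ts, frame in capture:
        parsed = parse_eapol(frame)
        if parsed:
            vlan, digest = parsed
            buckets.setdefault((vlan, int(ts // window)), Counter())[digest] += 1
    alerts = []
    for (vlan, slot), digests in sorted(buckets.items()):
        total, top = sum(digests.values()), max(digests.values())
        if total > rate_limit and top >= repeat_limit:
            alerts.append({"vlan": vlan, "start": slot * window,
                           "frames": total, "top_repeat": top})
    return alerts

def build_frame(src, vlan=None, body=b"\x01\x01\x00\x00"):  # EAPOL-Start
    tag = struct.pack("!HH", ETH_P_8021Q, vlan) if vlan is not None else b""
    return PAE_GROUP + src + tag + struct.pack("!H", ETH_P_PAE) + body

# Constructed sample: one frame repeated 500 times in one second on VLAN 10,
# three distinct supplicants on VLAN 20, and one ARP frame.
SAMPLE = [(i / 500, build_frame(b"\x02\x00\x00\x00\x00\x01", 10)) for i in range(500)]
SAMPLE += [(0.1 * n, build_frame(bytes([2, 0, 0, 0, 1, n]), 20)) for n in range(3)]
SAMPLE.append((0.5, b"\xff" * 6 + b"\x02\x00\x00\x00\x00\x09" + b"\x08\x06" + b"\x00" * 28))

if __name__ == "__main__":
    for alert in detect_storm(SAMPLE):
        print(alert)
```

Tune `rate_limit` and `repeat_limit` against a baseline of normal 802.1x authentication traffic on your own network before relying on the alerts.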


Consequences:

Denial of Service

Remedy:

Upgrade to the latest version of Catalyst 5000 series appropriate for your system, as listed in Cisco Systems Field Notice, April 16, 2001. See References.

References:

Platforms Affected:

  • Cisco Catalyst 2900 4.5(11)
  • Cisco Catalyst 2900 5.5(6)
  • Cisco Catalyst 2900 6.1(2)
  • Cisco Catalyst 5000 4.5(10)
  • Cisco Catalyst 5000 4.5(11)
  • Cisco Catalyst 5000 5.5(4B)
  • Cisco Catalyst 5000 5.5(6)
  • Cisco Catalyst 5000 6.1(1C)
  • Cisco Catalyst 5000 6.1(2)

Reported:

Apr 16, 2001

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
