CVE-2006-4983

2006-09-2601:43:00

mitre

www.cve.org

AI Score

6.7

Confidence

Low

EPSS

0.004

Percentile

73.9%

JSON

Cisco NAC allows quarantined devices to communicate over the network with (1) DNS, (2) DHCP, and (3) EAPoUDP, which allows attackers to bypass control methods by tunneling network traffic through one of these protocols.

References

www.insightix.com/files/pdf/Bypassing_NAC_Solutions_Whitepaper.pdf

www.osvdb.org/30977

www.securityfocus.com/archive/1/446421/100/0/threaded