CVE-2006-0354

Cisco Aironet Wireless Access Points - Authenticated Denial of Service via ARP Table Exhaustion

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0354. PoCs published by Pasv.

AI-analyzed exploit summary This exploit sends maliciously crafted ARP reply packets to Cisco Aironet access points, causing memory exhaustion and a denial-of-service (DoS) condition. It leverages a vulnerability in ARP handling to flood the target with packets, leading to a crash.

Description

Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Pasv · cdoshardware

https://www.exploit-db.com/exploits/1447

View Code ZIP pw:eip

This exploit sends maliciously crafted ARP reply packets to Cisco Aironet access points, causing memory exhaustion and a denial-of-service (DoS) condition. It leverages a vulnerability in ARP handling to flood the target with packets, leading to a crash.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Cisco Aironet 350 IOS, 1400, 1300, 1240AG, 1230AG, 1200, 1130AG, 1100

No auth needed

Prerequisites: root privileges · network access to the target device

MITRE ATT&CK