CVE-2006-4776
published 2006-09-14
CVE-2006-4776: Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN…
high · 7.5 · CVSS 3.1
AV:N/AC:L/Au:N/C:P/I:P/A:P
Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | ios | — | — |
| cisco | ios | — | — |
Cisco
Cisco IOS VTP VLAN Buffer Overflow Vulnerability
vendor_cisco·2006-09-13·CVSS 7.5
CVE-2006-4776 [HIGH] CWE-119 Cisco IOS VTP VLAN Buffer Overflow Vulnerability
Cisco IOS contains a vulnerability that could allow an authenticated, remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation by the VTP feature of Cisco IOS. An authenticated, remote attacker could exploit this vulnerability by submitting a malicious VTP summary advertisement to an affected system. This action could result in a buffer overflow, resetting the affected system or allowing the attacker to execute arbitrary code.
Cisco confirmed this vulnerability in a security response and released updated software.
To exploit this vulnerability, the attacker must be able to craft a VTP summary advertisement packet that specifies a domain that matches the domain of the target system. This knowledg
GHSA
GHSA-x2rx-8768-8678: Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12
ghsa_unreviewed·2022-05-01·CVSS 7.8
CVE-2005-4826 [HIGH] GHSA-x2rx-8768-8678: Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776.
GHSA
GHSA-w4j4-63w3-w6m9: Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12
ghsa_unreviewed·2022-05-01
CVE-2006-4776 [HIGH] CWE-119 GHSA-w4j4-63w3-w6m9: Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12
Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement.
http://secunia.com/advisories/21896
http://securitytracker.com/id?1016843
http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml
http://www.kb.cert.org/vuls/id/542108
http://www.osvdb.org/28777
http://www.phenoelit.de/stuff/CiscoVTP.txt
http://www.securityfocus.com/archive/1/445896/100/0/threaded
http://www.securityfocus.com/archive/1/445938/100/0/threaded
http://www.securityfocus.com/bid/19998
http://www.vupen.com/english/advisories/2006/3600
http://www.vupen.com/english/advisories/2006/3601
https://exchange.xforce.ibmcloud.com/vulnerabilities/28927