There is now exploit code for Cisco’s next hop resolution protocol vulnerability. Here is a snippet from the code as posted on milw0rm.
Please use this code only to check your OWN cisco routers.
Cisco bug ID: CSCin95836
The Next-Hop-Resolution Protocol (NHRP) is defined in RFC2332. It is used by a source host/router connected to a Non-Broadcast-Multi-Access (NBMA) subnetwork to determine the internetworking layer address and NBMA subnetwork addresses of the NBMA next hop towards the destination. NHRP is often used for dynamic multipoint VPNs (DMVPN) in combination with IPSEC.
[tags]Cisco IOS, NHRP Exploit, Cisco IOS Exploit[/tags]
Comments