Business

News

 
More...

Alerts

 
More...

Events

 
More...
 
     
 

Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability

 

Systems Affected


Cisco NCS 6000 running Cisco IOS XR Software prior to 5.3.2
Cisco CRS-X running Cisco IOS XR Software prior to 5.3.0

Threat Level


High


Overview


A vulnerability has been reported in Cisco Network Convergence System 6000 and Cisco Carrier Routing System which could allow an unauthenticated remote attacker to cause a reload of line card on the device resulting in denial of service (DoS) condition.


Description


This vulnerability occurs due to improper processing of malformed packet carrying extension headers. An unauthenticated remote attacker could exploit this vulnerability by sending a malformed IPv6 packet carrying extension headers through a targeted device.

Successful exploitation of this vulnerability could allow a remote attacker to cause a reload of line card on the device resulting in a DOS condition.


Impact



Solution/ Workarounds


Apply appropriate updates as mentioned in CISCO advisory

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6


References



Disclaimer



 
     

© Copyright Sri Lanka CERT|CC. All Rights Reserved.