A vulnerability in the way Cisco IOS handles IPv6 packets could result in a remotely exploitable denial of service.
The Cisco Internetwork Operating System (IOS) includes support for processing Internet Protocol version 6 (IPv6) packets. A vulnerability in the way that IOS handles a sequence of specially crafted IPv6 packets could cause an affected device to reload (reboot), resulting in a denial of service. The specific nature of the crafted packets exploiting this vulnerability is not known. Only devices running IOS that have IPv6-configured interfaces, either physical or logical (e.g., tunnels), are vulnerable to this issue.
A remote attacker may be able to cause an affected device to reload, thereby creating a denial of service condition.
Cisco has addressed this issue in new versions of the IOS software. Please see Cisco's Security Advisory for more details.
Vendor| Status| Date Notified| Date Updated
Cisco Systems Inc.| | -| 26 Jan 2005
If you are a vendor and your product is affected, let us know.
Group | Score | Vector
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A
Thanks to Cisco PSIRT for reporting this vulnerability.
This document was written by Chad R Dougherty.