Cisco IOS IPv6 denial-of-service vulnerability

2005-01-26T00:00:00
ID VU:472582
Type cert
Reporter CERT
Modified 2005-02-01T00:00:00

Description

Overview

A vulnerability in the way Cisco IOS handles IPv6 packets could result in a remotely exploitable denial of service.

Description

The Cisco Internetwork Operating System (IOS) includes support for processing Internet Protocol version 6 (IPv6) packets. A vulnerability in the way that IOS handles a sequence of specially crafted IPv6 packets could cause an affected device to reload (reboot), resulting in a denial of service. The specific nature of the crafted packets exploiting this vulnerability is not known. Only devices running IOS that have IPv6-configured interfaces, either physical or logical (e.g., tunnels), are vulnerable to this issue.


Impact

A remote attacker may be able to cause an affected device to reload, thereby creating a denial of service condition.


Solution

Upgrade

Cisco has addressed this issue in new versions of the IOS software. Please see Cisco's Security Advisory for more details.


Systems Affected

Vendor| Status| Date Notified| Date Updated
---|---|---|---
Cisco Systems Inc.| | -| 26 Jan 2005
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A

References

  • <http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCed40933>
  • <http://www.cisco.com/warp/public/707/cisco-sa-20050126-ipv6.shtml>

Credit

Thanks to Cisco PSIRT for reporting this vulnerability.

This document was written by Chad R Dougherty.

Other Information

  • CVE IDs: Unknown
  • Date Public: 26 Jan 2005
  • Date First Published: 26 Jan 2005
  • Date Last Updated: 01 Feb 2005
  • Severity Metric: 10.61
  • Document Revision: 10