Information Leakage Using IPv6 Routing Header in Cisco IOS and Cisco IOS-XR

2007-08-08T16:00:00
ID CISCO-SA-20070808-IOS-IPV6-LEAK
Type cisco
Reporter Cisco
Modified 2007-08-08T16:00:00

Description

Cisco IOS and Cisco IOS XR contain a vulnerability when processing specially crafted IPv6 packets with a Type 0 Routing Header present. Exploitation of this vulnerability can lead to information leakage on affected IOS and IOS XR devices, and may also result in a crash of the affected IOS device. Successful exploitation on an affected device running Cisco IOS XR will not result in a crash of the device itself, but may result in a crash of the IPv6 subsystem.

Cisco has made free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of the vulnerability.
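The following added example (not part of Cisco's advisory and not Cisco code) shows how a monitoring tool can walk the IPv6 extension-header chain and flag packets carrying a Type 0 Routing Header, the packet class the description above refers to. The function names and the sample packets, built from 2001:db8::/32 documentation addresses, are constructed for illustration.

```python
import ipaddress
import struct

# IPv6 Next Header values for the extension headers that can precede the payload.
HOP_BY_HOP, ROUTING, FRAGMENT, AH, DEST_OPTS = 0, 43, 44, 51, 60
EXT_HEADERS = {HOP_BY_HOP, ROUTING, FRAGMENT, AH, DEST_OPTS}

def find_rh0(packet: bytes):
    """Return (segments_left, [addresses]) for a Type 0 Routing Header, else None."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        return None                                # not IPv6, or truncated fixed header
    next_hdr, off = packet[6], 40
    while next_hdr in EXT_HEADERS:
        if off + 8 > len(packet):
            return None                            # truncated extension header
        if next_hdr == FRAGMENT:
            hdr_len = 8                            # fixed size, no length field
            if struct.unpack_from("!H", packet, off + 2)[0] >> 3:
                return None                        # non-first fragment: no chain follows
        elif next_hdr == AH:
            hdr_len = (packet[off + 1] + 2) * 4    # AH length is in 4-octet units
        else:
            hdr_len = (packet[off + 1] + 1) * 8    # 8-octet units, first 8 excluded
        if next_hdr == ROUTING and packet[off + 2] == 0:
            body = packet[off + 8: off + hdr_len]  # intermediate addresses
            addrs = [str(ipaddress.IPv6Address(body[i:i + 16]))
                     for i in range(0, len(body) - 15, 16)]
            return packet[off + 3], addrs
        next_hdr, off = packet[off], off + hdr_len
    return None

def build_ipv6(next_hdr: int, payload: bytes) -> bytes:
    """Build a constructed IPv6 packet between documentation-prefix addresses."""
    src = ipaddress.IPv6Address("2001:db8::1").packed
    dst = ipaddress.IPv6Address("2001:db8::2").packed
    return struct.pack("!IHBB", 6 << 28, len(payload), next_hdr, 64) + src + dst + payload

# Constructed samples: an RH0 with one address behind a Destination Options header,
# and a plain UDP packet (next header 17) with no extension headers.
HOP = ipaddress.IPv6Address("2001:db8::99").packed
RH0 = bytes([17, 2, 0, 1]) + bytes(4) + HOP    # next=UDP, len=2, type=0, segments left=1
DOPT = bytes([ROUTING, 0, 1, 4, 0, 0, 0, 0])   # next=Routing, one PadN option
SAMPLE_RH0 = build_ipv6(DEST_OPTS, DOPT + RH0 + bytes(8))
SAMPLE_PLAIN = build_ipv6(17, bytes(8))

if __name__ == "__main__":
    for name, pkt in (("rh0", SAMPLE_RH0), ("plain", SAMPLE_PLAIN)):
        print(name, find_rh0(pkt))
```
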

This advisory is posted at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070808-IOS-IPv6-leak.

Note: The August 08, 2007 publication includes four Security Advisories and one Security Response. All four advisories affect IOS, and one also affects Cisco Unified Communications Manager. Each advisory lists the releases that correct the vulnerability it describes, and the advisories also detail the releases that correct the vulnerabilities in all four advisories. Individual publication links are listed below:

    Cisco IOS Information Leakage Using IPv6 Routing Header
      http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070808-IOS-IPv6-leak

    Cisco IOS Next Hop Resolution Protocol Vulnerability
      http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070808-nhrp

    Cisco IOS Secure Copy Authorization Bypass Vulnerability
      http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070808-scp

    Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager
      http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070808-IOS-voice

    Cisco Unified MeetingPlace XSS Vulnerability
      http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20070808-mp