Cisco IOS Software IP Service Level Agreement Vulnerability

2013-03-27T16:00:00
ID CISCO-SA-20130327-IPSLA
Type cisco
Reporter Cisco
Modified 2013-04-12T14:44:06

Description

<!--- IP SLA 010-summary 0.4 ---> The Cisco IOS Software implementation of the IP Service Level Agreement (IP SLA) feature contains a vulnerability in the validation of IP SLA packets that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. Mitigations for this vulnerability are available.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-ipsla["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-ipsla"]

Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication.

Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html["http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html"]

A vulnerability exists in the implementation of the IP Service Level Agreement responder feature of Cisco IOS Software that could allow an unauthenticated, remote attacker to cause a reload of the vulnerable device.

The vulnerability is due to improper validation of IP SLA packets on UDP port 1167. An attacker could exploit this vulnerability by sending malformed IP SLA packets addressed to the affected device. An exploit could allow the attacker to cause an extended DoS condition.