Cisco IOS XR Software CGSE and ISM Vulnerability

ID CISCO-SA-20130926-CVE-2013-5498
Type cisco
Reporter Cisco
Modified 2013-09-26T16:03:53


A vulnerability in Point-to-Point Tunneling Protocol-Application Level Gateway (PPTP-ALG) of the Cisco CRS Carrier Grade Services Engine (CGSE) and Cisco ASR 9000 Series Integrated Service Module (ISM) could allow an unauthenticated, remote attacker to cause the service interface module to reset.

The vulnerability is due to processing of packet sequences in the PPTP-ALG. An attacker could exploit this vulnerability by sending specific streams of traffic through the device. An exploit could allow the attacker to cause the service module to reset.

Cisco has confirmed the vulnerability in a security notice and released software updates.

To exploit this vulnerability, the attacker must send a crafted stream of traffic through the targeted system. To achieve this objective, the attacker may need to access trusted, internal network resources. This access requirement reduces the likelihood of a successful exploit.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.