Cisco IOS SAA Malformed RTR Packet DoS

2003-05-15T00:00:00
ID OSVDB:8902
Type osvdb
Reporter OSVDB
Modified 2003-05-15T00:00:00

Description

Vulnerability Description

Cisco IOS contains a flaw that may allow a remote denial of service. The issue is triggered when the Service Assurance Agent (SAA), also known as the Response Time Reporter (RTR), receives a malformed packet. When the router receives a malformed RTR packet, it will crash, and will result in loss of availability for the platform. RTR is disabled by default.

Solution Description

Upgrade to the version appropriate for your installation, as outlined in the vulnerable version matrix provided by Cisco. It is also possible to correct the flaw by implementing the following workaround(s): Disable the SAA/RTR responder, and filter traffic accordingly.

Short Description

Cisco IOS contains a flaw that may allow a remote denial of service. The issue is triggered when the Service Assurance Agent (SAA), also known as the Response Time Reporter (RTR), receives a malformed packet. When the router receives a malformed RTR packet, it will crash, and will result in loss of availability for the platform. RTR is disabled by default.

References:

Vendor Specific Advisory URL Keyword: TCP Port 1967 ISS X-Force ID: 12014 CVE-2003-0305 Bugtraq ID: 7607