SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   Cisco Carrier Routing System Vendors:   Cisco
Cisco IOS XR for Carrier Routing System IPv6 Parsing Bug Lets Remote Users Deny Service
SecurityTracker Alert ID:  1031778
SecurityTracker URL:  http://securitytracker.com/id/1031778
CVE Reference:   CVE-2015-0618   (Links to External Site)
Date:  Feb 20 2015
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Cisco IOS XR for Cisco Carrier Routing System. A remote user can cause denial of service conditions.

A remote user can send specially crafted IPv6 packets with extension headers through the target Cisco IOS XR device line card to cause the target line card to reload.

Systems configured to process IPv6 traffic passing through the target device are affected.

The vendor has assigned bug ID bug ID CSCuq95241 to this vulnerability.

Cisco IOS XR release version 5.3.2 for Cisco NCS 6000 is not affected. Cisco IOS XR release version 5.3.0 for CRS-X is not affected.

Cisco Network Convergence System 6000 (NCS 6000) is also affected.

Impact:   A remote user can cause the target line card to reload.
Solution:   The vendor has issued a fix:

hfr-px-5.1.3.CSCuq95241.pie for version 5.1.3 for CRS-X
hfr-px-5.1.4.CSCuq95241.pie for version 5.1.4 for CRS-X

The vendor's advisory is available at:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6 (Links to External Site)
Cause:   State error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC