Home Unlabelled Cisco ASR 1000 Series Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability

Cisco ASR 1000 Series Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability

By
Thursday, July 30, 2015
Read
Add Comment
A vulnerability in the code handling the reassembly of fragmented IP version 4 (IPv4) or IP version 6 (IPv6) packets of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a crash of the Embedded Services Processor (ESP) processing the packet.

The vulnerability is due to improper processing of crafted, fragmented packets. An attacker could exploit this vulnerability by sending a crafted sequence of fragmented packets. An exploit could allow the attacker to cause a reload of the affected platform.

Cisco has released software updates that address this vulnerability.

There are no workarounds to mitigate this vulnerability.

This advisory is available at the following link:
http://ift.tt/1SP6A4X

from Cisco Security Advisory http://ift.tt/1SP6A4X
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us