Cisco ASR 9000 series router IPv4 Denial of Service Vulnerability

Release date:
Updated on:

Affected Systems:
Cisco ASR 9006
Cisco ASR 9006
Description:
--------------------------------------------------------------------------------
Bugtraq id: 48811
Cve id: CVE-2011-2549

Cisco ASR 9000 series is an integrated service router solution that uses the Cisco ios xr Software module operating system to provide carrier-level reliability.

Cisco ASR 9000 has a denial-of-service vulnerability in the implementation of IPV4. Remote attackers can exploit this vulnerability to overload or suspend the affected devices and cause denial of service to legitimate users.

When processing IPv4 packets, Cisco ASR 9000 Series devices running Cisco ios xr Software v4.1.0 can lock the network processor in the line card, and the line card that processes malicious packets will be automatically reloaded.

<* Source: Cisco

Link: http://www.cisco.com/warp/public/707/cisco-sa-20110720-asr9k.shtml
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Cisco
-----
Cisco has released a Security Bulletin (cisco-sa-20110720-asr9k) and patches for this:

Cisco-sa-20110720-asr9k: Cisco ASR 9000 Series Routers Line Card IP Version 4 Denial of Service Vulnerability

Link: http://www.cisco.com/warp/public/707/cisco-sa-20110720-asr9k.shtml