Cisco ASR 5000 GGSN Component Denial of Service Vulnerability (CVE-2015-4201)
Cisco ASR 5000 GGSN Component Denial of Service Vulnerability (CVE-2015-4201)
Release date:
Updated on:
Affected Systems:
Cisco ASR 5000 18.0.L0.59219
Cisco ASR 5000 17.2.0.59184
Description:
CVE (CAN) ID: CVE-2015-4201
The Cisco ASR 5000 series is a carrier-level platform for deploying high-demand 3G networks and migrating to long-term evolution (LTE) networks.
The GGSN component has a security vulnerability in software versions 17.2.0.59184 and 18.0.L0.59219 of Cisco ASR 5000. Remote attackers can exploit this vulnerability to cause DoS (Session Manager restart) by using invalid TCP/IP headers ).
<* Source: vendor
*>
Suggestion:
Vendor patch:
Cisco
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://tools.cisco.com/security/center/viewAlert.x? AlertId = 39431
This article permanently updates the link address: