Cisco IOS Software IPsec Packet Processing Denial of Service Vulnerability
Cisco IOS Software IPsec Packet Processing Denial of Service Vulnerability
Release date:
Updated on:
Affected Systems:
Cisco IOS
Description:
--------------------------------------------------------------------------------
Bugtraq id: 68177
CVE (CAN) ID: CVE-2014-3299
Cisco IOS is an interconnected network operating system used on most Cisco system routers and network switches.
Cisco IOS Software has a security vulnerability in IPsec processing, which can cause authenticated remote attackers to reload the affected devices. This vulnerability is caused by the failure to correctly handle malformed IPsec packets.
<* Source: Cisco
Link: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3299
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Cisco
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3299
Http://tools.cisco.com/security/center/viewAlert.x? AlertId = 34704
This article permanently updates the link address: