Cisco ios xr Software DoS Vulnerability (CVE-2014-3353)
Released on: 2014-09-02
Updated on: 2014-09-04
Affected Systems:
Cisco IOS
Description:
--------------------------------------------------------------------------------
Bugtraq id: 69506
CVE (CAN) ID: CVE-2014-3353
Cisco IOS is an interconnected network operating system used on most Cisco system routers and network switches.
On Cisco Carrier Routing System (CRS), The ICMPv6 client of Cisco ios xr has a security vulnerability. unauthenticated remote attackers can cause high CPU utilization on the Cisco CRS line card, some IPv6 packets sent to the affected device are lost. This vulnerability is caused by the failure to correctly process malformed IPv6 packets.
<* Source: Cisco
Link: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3353
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Cisco
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://tools.cisco.com/security/center/publicationListing.x #~ CiscoSecurityResponse
This article permanently updates the link address: