Cisco IOS IPSec MTU Remote Denial of Service Vulnerability
Release date:
Updated on:
Affected Systems:
Cisco IOS 15.3
Description:
--------------------------------------------------------------------------------
Bugtraq id: 63874
CVE (CAN) ID: CVE-2013-6694
Cisco IOS is an interconnected network operating system used on most Cisco system routers and network switches.
A Remote Denial of Service (DoS) vulnerability exists in the IPSec Implementation of Cisco IOS. Remote attackers can exploit this vulnerability through specially crafted ICMP packets to cause DoS (MTU change and channel session suspension ).
<* Source: Cisco
Link: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6694
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Cisco
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.cisco.com/go/psirt