|
Cisco 6000/6500/7600 Series Denial of Service Vulnerability
|
|
Secunia Advisory:
|
SA10780
|
|
|
Release Date:
|
2004-02-04
|
|
Last Update:
|
2004-03-31
|
|
Popularity:
|
11,288 views
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
DoS
|
|
Where:
|
From local network
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Cisco IOS 12.x
Cisco IOS R12.x
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 1 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Description:
Cisco has reported a vulnerability in Cisco 6000/6500/7600 network devices, which can be exploited by malicious people to cause a Denial of Service.
The problem is that Cisco 6000/6500/7600 fails to handle inconsistencies in the size of OSI layer 2 (Data Link) and OSI layer 3 (Network) frames. This can be exploited to crash a vulnerable network device by crafting a malicious OSI layer 2 frame and sending it multiple times.
This attack can only be carried out on a local network. Any system not transmitting OSI layer 2 traffic such as a router or firewall will prevent malicious packets from being transmitted.
The vulnerability affects the following configurations:
* Cisco 6000/6500/7600 series with a MSFC2 and FlexWAN module or OSM module.
* Cisco 6000/6500/7600 series with a MSFC2 module running IOS 12.1(8b)E14.
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
