Cisco ISM Malformed Authentication Header Packet Denial of Service Vulnerability

Related Vulnerabilities: CVE-2013-1241  

A vulnerability in authentication header packets processing on the Cisco ISM module for ISR G2 could allow an authenticated, remote attacker to cause a reload of the affected module. The vulnerability is due to improper processing of malformed authentication header packets. An attacker could exploit this vulnerability by sending a stream of malformed authentication header packets over an established IPsec security association. An exploit could allow the attacker to cause a reload of the affected module, resulting in a denial of service (DoS) condition for IPsec traffic. Cisco has confirmed the vulnerability in a security notice and software updates are available. To exploit this vulnerability, the attacker must authenticate to a targeted system to send malformed authentication header packets. This access requirement limits the possibility of a successful exploit. Customers are advised to review the bug reports in the "Vendor Announcements" section for a current list of affected versions. Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.