Published: 08/05/2013 Updated: 08/05/2013
CVSS v2 Base Score: 6.3 | Impact Score: 6.9 | Exploitability Score: 6.8
VMScore: 561
Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C

Vulnerability Summary

The ISM module in Cisco IOS on ISR G2 routers does not properly handle authentication-header packets, which allows remote authenticated users to cause a denial of service (module reload) via a series of malformed packets, aka Bug ID CSCub92025.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco ios -

cisco 1921_integrated_services_router -

cisco 1941_integrated_services_router -

cisco 1941w_integrated_services_router -

cisco 2901_integrated_services_router -

cisco 2911_integrated_services_router -

cisco 2921_integrated_services_router -

cisco 2951_integrated_services_router -

cisco 3925_integrated_services_router -

cisco 3925e_integrated_services_router -

cisco 3945_integrated_services_router -

cisco 3945e_integrated_services_router -

cisco 861_integrated_services_router -

cisco 867_integrated_services_router -

cisco 880_3g_integrated_services_router -

cisco 881_integrated_services_router -

cisco 886_integrated_services_router -

cisco 886va-w_integrated_services_router -

cisco 886va_integrated_services_router -

cisco 887_integrated_services_router -

cisco 887v_integrated_services_router -

cisco 887va-w_integrated_services_router -

cisco 887va_integrated_services_router -

cisco 888_integrated_services_router -

cisco 891_integrated_services_router -

cisco 892_integrated_services_router -

cisco c881w_integrated_services_router -

Vendor Advisories

A vulnerability in authentication header packets processing on the Cisco ISM module for ISR G2 could allow an authenticated, remote attacker to cause a reload of the affected module The vulnerability is due to improper processing of malformed authentication header packets An attacker could exploit this vulnerability by sending a stream of malfor ...