Published: 08/05/2013 Updated: 08/05/2013
CVSS v2 Base Score: 6.3 | Impact Score: 6.9 | Exploitability Score: 6.8
VMScore: 561
Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C

Vulnerability Summary

The ISM module in Cisco IOS on ISR G2 routers does not properly handle authentication-header packets, which allows remote authenticated users to cause a denial of service (module reload) via a series of malformed packets, aka Bug ID CSCub92025.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco ios -

cisco 3945e_integrated_services_router -

cisco 3925_integrated_services_router -

cisco 3925e_integrated_services_router -

cisco 2951_integrated_services_router -

cisco 887_integrated_services_router -

cisco 886va-w_integrated_services_router -

cisco 886va_integrated_services_router -

cisco 886_integrated_services_router -

cisco c881w_integrated_services_router -

cisco 2911_integrated_services_router -

cisco 1941_integrated_services_router -

cisco 888_integrated_services_router -

cisco 887va_integrated_services_router -

cisco 881_integrated_services_router -

cisco 867_integrated_services_router -

cisco 1941w_integrated_services_router -

cisco 1921_integrated_services_router -

cisco 892_integrated_services_router -

cisco 891_integrated_services_router -

cisco 3945_integrated_services_router -

cisco 2921_integrated_services_router -

cisco 2901_integrated_services_router -

cisco 887va-w_integrated_services_router -

cisco 887v_integrated_services_router -

cisco 880_3g_integrated_services_router -

cisco 861_integrated_services_router -

Vendor Advisories

A vulnerability in authentication header packets processing on the Cisco ISM module for ISR G2 could allow an authenticated, remote attacker to cause a reload of the affected module The vulnerability is due to improper processing of malformed authentication header packets An attacker could exploit this vulnerability by sending a stream of malfor ...