Published: 26/08/2014 Updated: 29/08/2017

CVSS v2 Base Score: 4.6 | Impact Score: 6.9 | Exploitability Score: 3.2

VMScore: 409

Vector: AV:A/AC:H/Au:N/C:N/I:N/A:C

Cisco IOS XR 4.3(.2) and previous versions on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote malicious users to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios_xr 4.3.0
cisco ios_xr
cisco ios_xr 4.3.1
cisco asr_9000_rsp440_router -
cisco asr_9001 -
cisco asr_9922 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9006 -
cisco asr_9010 -

A vulnerability in the packet parsing code of Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause a lockup and eventual reload of a Network Processor (NP) chip and a line card processing traffic The vulnerability is due to improper parsing of a specific packet when NetF ...

CWE-20 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3335 http://tools.cisco.com/security/center/viewAlert.x?alertId=35416 http://secunia.com/advisories/60222 http://www.securitytracker.com/id/1030757 http://www.securityfocus.com/bid/69383 https://exchange.xforce.ibmcloud.com/vulnerabilities/95443 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140825-CVE-2014-3335

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-3335

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect