Published: 21/02/2015 Updated: 27/11/2015

CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6

VMScore: 632

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote malicious users to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios_xr 5.0.1
cisco ios_xr 5.2.1
cisco carrier routing system 5.1.4
cisco carrier routing system 5.1.3

Cisco IPv6 processing bug can cause DoS attacks

The Register • Richard Chirgwin • 23 Feb 2015

Carriers need to patch their big network iron

Cisco has announced that NCS 6000 and Carrier Routing System (CRS-X) – heavy hunks of iron used in the service provider market – have an IPv6 software bug that needs patching. The bug impacts the ways Cisco IOS XR units parse IPv6 packets and an attack exploiting the problem could result in a forced restart of the line card that's processing the traffic. “An attacker could exploit this vulnerability by sending a malformed IPv6 packet, carrying extension headers, through an affected Cisco I...

CVE-2015-0618

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect