Cisco IOS XR 4.0.1 up to and including 4.2.0 for CRS-3 Carrier Routing System allows remote malicious users to cause a denial of service (NPU ASIC scan and line-card reload) via crafted IPv6 extension headers, aka Bug ID CSCtx03546.
Vulnerable Product |
---|
cisco ios xr software 4.1_base |
cisco ios xr software 4.1.0 |
cisco ios xr software 4.2.0 |
cisco ios xr software 4.1.1 |
cisco ios xr software 4.1.2 |
cisco ios xr software 4.0.1 |
cisco ios xr software 4.0.3 |
cisco ios xr software 4.0.11 |
cisco ios xr software 4.0.2 |
cisco ios xr software 4.0.4 |

Remote code execution for some, denial of service for the rest of us
Cisco has issued a string of patches for 16 faults including a fix for a possible remote code execution in its IOS and IOS XE routing software. The patches address a generous dollop of security conditions caused by faulty queued packets. One flaw, rated severity 8.3, allows attackers to gain remote code execution in IOS XE by sending a crafted packet that allows code to run on affected boxes. Attackers could also send crafted packets to trigger denial of service. "A vulnerability in the AppNav c...