Cisco IOS Malformed IKE Packet Remote Denial Of Service Vulnerability
BID:10083
Info
Cisco IOS Malformed IKE Packet Remote Denial Of Service Vulnerability
| Bugtraq ID: | 10083 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2004-0710 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 08 2004 12:00AM |
| Updated: | Jul 12 2009 04:06AM |
| Credit: | The vendor announced this vulnerability. |
| Vulnerable: |
Cisco IOS 12.2ZA Cisco IOS 12.2SY Cisco IOS 12.2SXB Cisco IOS 12.2SXA Cisco IOS 12.2(17d)SX Cisco IOS 12.2(17a)SXA Cisco IOS 12.2(14)ZA2 Cisco IOS 12.2(14)ZA Cisco IOS 12.2(14)SY |
| Not Vulnerable: |
Cisco IOS 12.2(17d)SXB Cisco IOS 12.2(17b)SXA Cisco IOS 12.2(14)ZA8 Cisco IOS 12.2(14)SY03 |
Discussion
Cisco IOS Malformed IKE Packet Remote Denial Of Service Vulnerability
Cisco IOS has been reported prone to a remote denial of service vulnerability. It is reported that the issue will present itself when IOS is running on a Cisco Catalyst 6500 Series Switch or a Cisco 7600 Series Router that has a VPN Services Module (VPNSM) installed.
When one of the aforementioned appliances processes a malformed IKE packet, IOS will crash and reload.
**Update (March 30th 2005): The vendor reports that certain devices that do not have the VPN Services Module installed might also be affected by this vulnerability. It is reported that Cisco IOS devices with Crypto support will process IKE messages by default.
Cisco IOS has been reported prone to a remote denial of service vulnerability. It is reported that the issue will present itself when IOS is running on a Cisco Catalyst 6500 Series Switch or a Cisco 7600 Series Router that has a VPN Services Module (VPNSM) installed.
When one of the aforementioned appliances processes a malformed IKE packet, IOS will crash and reload.
**Update (March 30th 2005): The vendor reports that certain devices that do not have the VPN Services Module installed might also be affected by this vulnerability. It is reported that Cisco IOS devices with Crypto support will process IKE messages by default.
Exploit / POC
Cisco IOS Malformed IKE Packet Remote Denial Of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Cisco IOS Malformed IKE Packet Remote Denial Of Service Vulnerability
Solution:
An updated Cisco advisory is available, this advisory contains additional information in regard to this issue as well as additional fix information. Customers are advised to peruse the referenced advisory to obtain this information.
Cisco has released the following fix information:
12.2SXA is addressed by 12.2(17b)SXA and later.
12.2SXB is addressed by 12.2(17d)SXB and later.
12.2SY is addressed by 12.2(14)SY03 and later.
12.2ZA will be addressed by the pending release of 12.2(14)ZA8 and later.
Further details may be found in the attached Cisco advisory.
Solution:
An updated Cisco advisory is available, this advisory contains additional information in regard to this issue as well as additional fix information. Customers are advised to peruse the referenced advisory to obtain this information.
Cisco has released the following fix information:
12.2SXA is addressed by 12.2(17b)SXA and later.
12.2SXB is addressed by 12.2(17d)SXB and later.
12.2SY is addressed by 12.2(14)SY03 and later.
12.2ZA will be addressed by the pending release of 12.2(14)ZA8 and later.
Further details may be found in the attached Cisco advisory.
References
Cisco IOS Malformed IKE Packet Remote Denial Of Service Vulnerability
References:
References: