Cisco IOS Malformed IKE Packet Remote Denial Of Service Vulnerability

BID:10083

Info

Cisco IOS Malformed IKE Packet Remote Denial Of Service Vulnerability

Bugtraq ID: 10083
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2004-0710
Remote: Yes
Local: No
Published: Apr 08 2004 12:00AM
Updated: Jul 12 2009 04:06AM
Credit: The vendor announced this vulnerability.
Vulnerable: Cisco IOS 12.2ZA
Cisco IOS 12.2SY
Cisco IOS 12.2SXB
Cisco IOS 12.2SXA
Cisco IOS 12.2(17d)SX
Cisco IOS 12.2(17a)SXA
Cisco IOS 12.2(14)ZA2
Cisco IOS 12.2(14)ZA
Cisco IOS 12.2(14)SY
Not Vulnerable: Cisco IOS 12.2(17d)SXB
Cisco IOS 12.2(17b)SXA
Cisco IOS 12.2(14)ZA8
Cisco IOS 12.2(14)SY03

Discussion

Cisco IOS Malformed IKE Packet Remote Denial Of Service Vulnerability

Cisco IOS has been reported prone to a remote denial of service vulnerability. It is reported that the issue will present itself when IOS is running on a Cisco Catalyst 6500 Series Switch or a Cisco 7600 Series Router that has a VPN Services Module (VPNSM) installed.

When one of the aforementioned appliances processes a malformed IKE packet, IOS will crash and reload.

**Update (March 30th 2005): The vendor reports that certain devices that do not have the VPN Services Module installed might also be affected by this vulnerability. It is reported that Cisco IOS devices with Crypto support will process IKE messages by default.

Exploit / POC

Cisco IOS Malformed IKE Packet Remote Denial Of Service Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

Solution / Fix

Cisco IOS Malformed IKE Packet Remote Denial Of Service Vulnerability

Solution:
An updated Cisco advisory is available, this advisory contains additional information in regard to this issue as well as additional fix information. Customers are advised to peruse the referenced advisory to obtain this information.

Cisco has released the following fix information:

12.2SXA is addressed by 12.2(17b)SXA and later.

12.2SXB is addressed by 12.2(17d)SXB and later.

12.2SY is addressed by 12.2(14)SY03 and later.

12.2ZA will be addressed by the pending release of 12.2(14)ZA8 and later.

Further details may be found in the attached Cisco advisory.

References

Cisco IOS Malformed IKE Packet Remote Denial Of Service Vulnerability

References:
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report