Cisco IOS Multi Protocol Label Switching Remote Denial Of Service Vulnerability

Bugtraq ID:	12369
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2005-0197
Remote:	Yes
Local:	No
Published:	Jan 26 2005 12:00AM
Updated:	Jul 12 2009 10:06AM
Credit:	The individual or individuals responsible for the discovery of this issue are currently unknown; the vendor disclosed this issue.
Vulnerable:	Cisco IOS 12.3YH Cisco IOS 12.3YG Cisco IOS 12.3YF Cisco IOS 12.3YE Cisco IOS 12.3YD Cisco IOS 12.3YA Cisco IOS 12.3XY Cisco IOS 12.3XX Cisco IOS 12.3XW Cisco IOS 12.3XU Cisco IOS 12.3XT Cisco IOS 12.3XS Cisco IOS 12.3XR Cisco IOS 12.3XQ Cisco IOS 12.3XN Cisco IOS 12.3XM Cisco IOS 12.3XL Cisco IOS 12.3XK Cisco IOS 12.3XJ Cisco IOS 12.3XI Cisco IOS 12.3XH Cisco IOS 12.3XG Cisco IOS 12.3XF Cisco IOS 12.3XE Cisco IOS 12.3XD Cisco IOS 12.3XC Cisco IOS 12.3XB Cisco IOS 12.3XA Cisco IOS 12.3T Cisco IOS 12.3BW Cisco IOS 12.3BC Cisco IOS 12.3B Cisco IOS 12.3 Cisco IOS 12.2ZP Cisco IOS 12.2ZO Cisco IOS 12.2ZN Cisco IOS 12.2ZL Cisco IOS 12.2ZJ Cisco IOS 12.2ZI Cisco IOS 12.2ZH Cisco IOS 12.2ZG Cisco IOS 12.2ZF Cisco IOS 12.2ZE Cisco IOS 12.2ZD Cisco IOS 12.2ZC Cisco IOS 12.2ZB Cisco IOS 12.2YZ Cisco IOS 12.2YX Cisco IOS 12.2YW Cisco IOS 12.2YV Cisco IOS 12.2YU Cisco IOS 12.2YS Cisco IOS 12.2YR Cisco IOS 12.2YQ Cisco IOS 12.2YO Cisco IOS 12.2YN Cisco IOS 12.2YM Cisco IOS 12.2YL Cisco IOS 12.2YJ Cisco IOS 12.2YH Cisco IOS 12.2YG Cisco IOS 12.2YF Cisco IOS 12.2YE Cisco IOS 12.2YD Cisco IOS 12.2YC Cisco IOS 12.2YB Cisco IOS 12.2YA Cisco IOS 12.2XZ Cisco IOS 12.2XW Cisco IOS 12.2XV Cisco IOS 12.2XU Cisco IOS 12.2XT Cisco IOS 12.2XS Cisco IOS 12.2XR Cisco IOS 12.2XQ Cisco IOS 12.2XN Cisco IOS 12.2XM Cisco IOS 12.2XL Cisco IOS 12.2XK Cisco IOS 12.2XJ Cisco IOS 12.2XI Cisco IOS 12.2XH Cisco IOS 12.2XG Cisco IOS 12.2XF Cisco IOS 12.2XE Cisco IOS 12.2XD Cisco IOS 12.2XC Cisco IOS 12.2XB Cisco IOS 12.2XA Cisco IOS 12.2T Cisco IOS 12.2SZ Cisco IOS 12.2SY Cisco IOS 12.2SXD Cisco IOS 12.2SXB Cisco IOS 12.2SXA Cisco IOS 12.2SX Cisco IOS 12.2SW Cisco IOS 12.2SU Cisco IOS 12.2S Cisco IOS 12.2MX Cisco IOS 12.2MC Cisco IOS 12.2MB Cisco IOS 12.2JK Cisco IOS 12.2JA Cisco IOS 12.2EWA Cisco IOS 12.2EW Cisco IOS 12.2DX Cisco IOS 12.2DD Cisco IOS 12.2DA Cisco IOS 12.2CZ Cisco IOS 12.2CY Cisco IOS 12.2CX Cisco IOS 12.2BZ Cisco IOS 12.2BY Cisco IOS 12.2BX Cisco IOS 12.2BW Cisco IOS 12.2BC Cisco IOS 12.2B Cisco IOS 12.1YI Cisco IOS 12.1YH Cisco IOS 12.1YF Cisco IOS 12.1YE Cisco IOS 12.1YD Cisco IOS 12.1YC Cisco IOS 12.1YB Cisco IOS 12.1YA Cisco IOS 12.1XV Cisco IOS 12.1XU Cisco IOS 12.1XT Cisco IOS 12.1XR Cisco IOS 12.1XQ Cisco IOS 12.1XP Cisco IOS 12.1XM Cisco IOS 12.1XL Cisco IOS 12.1XJ Cisco IOS 12.1XI Cisco IOS 12.1XG Cisco IOS 12.1T Cisco IOS 12.1DC Cisco IOS 12.1DB
Not Vulnerable:

Cisco IOS Multi Protocol Label Switching Remote Denial Of Service Vulnerability

Cisco IOS based routers that are configured with support for Multi Protocol Label Switching (MPLS) are reported prone to a remote denial of service vulnerability.

It is reported that the vulnerability presents itself when an affected router handles an unspecified malicious packet on a MPLS disabled interface.

A remote attacker that resides on the same network segment as the vulnerable router may exploit this vulnerability continuously to effectively deny network-based services to legitimate users.

Cisco IOS Multi Protocol Label Switching Remote Denial Of Service Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

Cisco IOS Multi Protocol Label Switching Remote Denial Of Service Vulnerability

Solution:
The vendor has released an updated advisory (cisco-sa-20050126-les revision 1.1) and fixes to address this vulnerability. Customers are advised to peruse the referenced advisory for further information in regards to obtaining and applying appropriate updates.

Cisco IOS Multi Protocol Label Switching Remote Denial Of Service Vulnerability

References:

• Document ID: 63846 - Cisco Security Advisory: Crafted Packet Causes Reload on C (Cisco)
  
• VU#583638 - Cisco IOS contains DoS vulnerability in MPLS packet processing (US-CERT)