Cisco IOS XR MPLS Denial of Service Vulnerability

Bugtraq ID:	17607
Class:	Unknown
CVE:
Remote:	Yes
Local:	No
Published:	Apr 19 2006 12:00AM
Updated:	Apr 19 2006 11:11PM
Credit:	Reported by the vendor.
Vulnerable:	Cisco IOS XR for PRP 3.2.3 Cisco IOS XR for CRS-1 3.2.3 Cisco IOS XR 3.2.50 Cisco IOS XR 3.2.4 Cisco IOS XR 3.2.3 Cisco IOS XR 3.2.2 Cisco IOS XR 3.2.1 Cisco IOS XR 3.2
Not Vulnerable:	Cisco IOS XR 3.3

Cisco IOS XR MPLS Denial of Service Vulnerability

The NetIO process on Cisco CRS-1 or a 12000 series devices that run Cisco IOS XR with Multiple Multi Protocol Label Switching (MPLS) can restart when switching certain MPLS packets.

A successful attack results in a denial-of-service condition for traffic that is being switched on an affected Modular Services Card (MSC) or line card.

A sustained denial-of-service condition can also arise from repeated attacks.

Cisco IOS XR MPLS Denial of Service Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]

Cisco IOS XR MPLS Denial of Service Vulnerability

Solution:

Cisco has released an advisory to address this issue. IOS XR 3.3.0 is not vulnerable to this issue.

Cisco IOS XR MPLS Denial of Service Vulnerability

References:

• Cisco Security Advisory: Cisco IOS XR MPLS Vulnerabilities (Cisco Systems Product Security Incident Response Team )