Cisco IOS IPv6 Source Routing Remote Memory Corruption Vulnerability
BID:22210
Info
Cisco IOS IPv6 Source Routing Remote Memory Corruption Vulnerability
| Bugtraq ID: | 22210 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-0481 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 24 2007 12:00AM |
| Updated: | May 12 2015 07:35PM |
| Credit: | An unknown Cisco customer discovered this issue. |
| Vulnerable: |
Cisco IOS 12.4XD Cisco IOS 12.4XC Cisco IOS 12.4XB Cisco IOS 12.4XA Cisco IOS 12.4T Cisco IOS 12.4 Cisco IOS 12.3YZ Cisco IOS 12.3YX Cisco IOS 12.3YU Cisco IOS 12.3YT Cisco IOS 12.3YS Cisco IOS 12.3YQ Cisco IOS 12.3YM Cisco IOS 12.3YK Cisco IOS 12.3YJ Cisco IOS 12.3YI Cisco IOS 12.3YH Cisco IOS 12.3YG Cisco IOS 12.3YF Cisco IOS 12.3YD Cisco IOS 12.3YA Cisco IOS 12.3XX Cisco IOS 12.3XW Cisco IOS 12.3XU Cisco IOS 12.3XS Cisco IOS 12.3XR Cisco IOS 12.3XQ Cisco IOS 12.3XK Cisco IOS 12.3XJ Cisco IOS 12.3XI Cisco IOS 12.3XH Cisco IOS 12.3XG Cisco IOS 12.3XF Cisco IOS 12.3XE Cisco IOS 12.3XD Cisco IOS 12.3XC Cisco IOS 12.3XB Cisco IOS 12.3XA Cisco IOS 12.3T Cisco IOS 12.3BW Cisco IOS 12.3BC Cisco IOS 12.3B Cisco IOS 12.3 Cisco IOS 12.2ZN Cisco IOS 12.2ZL Cisco IOS 12.2ZJ Cisco IOS 12.2ZH Cisco IOS 12.2ZF Cisco IOS 12.2ZE Cisco IOS 12.2ZD Cisco IOS 12.2ZB Cisco IOS 12.2ZA Cisco IOS 12.2YZ Cisco IOS 12.2YY Cisco IOS 12.2YX Cisco IOS 12.2YW Cisco IOS 12.2YV Cisco IOS 12.2YU Cisco IOS 12.2YT Cisco IOS 12.2YR Cisco IOS 12.2YQ Cisco IOS 12.2YN Cisco IOS 12.2YM Cisco IOS 12.2YL Cisco IOS 12.2YJ Cisco IOS 12.2YH Cisco IOS 12.2YF Cisco IOS 12.2YE Cisco IOS 12.2YD Cisco IOS 12.2YB Cisco IOS 12.2YA Cisco IOS 12.2XW Cisco IOS 12.2XV Cisco IOS 12.2XU Cisco IOS 12.2XT Cisco IOS 12.2XS Cisco IOS 12.2XQ Cisco IOS 12.2XN Cisco IOS 12.2XM Cisco IOS 12.2XL Cisco IOS 12.2XK Cisco IOS 12.2XJ Cisco IOS 12.2XI Cisco IOS 12.2XH Cisco IOS 12.2XG Cisco IOS 12.2XF Cisco IOS 12.2XD Cisco IOS 12.2XC Cisco IOS 12.2XB Cisco IOS 12.2XA Cisco IOS 12.2TPC Cisco IOS 12.2T Cisco IOS 12.2SZ Cisco IOS 12.2SY Cisco IOS 12.2SXF Cisco IOS 12.2SXE Cisco IOS 12.2SXD Cisco IOS 12.2SXB Cisco IOS 12.2SXA Cisco IOS 12.2SX Cisco IOS 12.2SW Cisco IOS 12.2SU Cisco IOS 12.2SG Cisco IOS 12.2SEF Cisco IOS 12.2SEE Cisco IOS 12.2SED Cisco IOS 12.2SEC Cisco IOS 12.2SEB Cisco IOS 12.2SEA Cisco IOS 12.2SBC Cisco IOS 12.2SB Cisco IOS 12.2S Cisco IOS 12.2MC Cisco IOS 12.2IXA Cisco IOS 12.2EZ Cisco IOS 12.2EWA Cisco IOS 12.2EW Cisco IOS 12.2EU Cisco IOS 12.2DX Cisco IOS 12.2DD Cisco IOS 12.2CX Cisco IOS 12.2BY Cisco IOS 12.2BW Cisco IOS 12.2BC Cisco IOS 12.2B Cisco IOS 12.1YD Cisco IOS 12.1YC Cisco IOS 12.1YB Cisco IOS 12.1XV Cisco IOS 12.1XU Cisco IOS 12.0SZ Cisco IOS 12.0SY Cisco IOS 12.0SX Cisco IOS 12.0ST Cisco IOS 12.0S |
| Not Vulnerable: |
Cisco IOS 12.4XT Cisco IOS 12.4XP Cisco IOS 12.4XJ Cisco IOS 12.4XG Cisco IOS 12.4XE Cisco IOS 12.4SW Cisco IOS 12.4(9)T Cisco IOS 12.4(8) Cisco IOS 12.4(7a) Cisco IOS 12.4(6)T1 Cisco IOS 12.4(5b) Cisco IOS 12.4(4)T2 Cisco IOS 12.4(3d) Cisco IOS 12.4(2)XB2 Cisco IOS 12.4(2)T4 Cisco IOS 12.3JEB Cisco IOS 12.3JEA Cisco IOS 12.3(7)XI9 Cisco IOS 12.3(7)XI8a Cisco IOS 12.3(4)T13 Cisco IOS 12.3(18) Cisco IOS 12.3(17b)BC3 Cisco IOS 12.3(14)YX2 Cisco IOS 12.3(14)YM8 Cisco IOS 12.3(14)T7 Cisco IOS 12.3(11)YZ1 Cisco IOS 12.3(11)T10 Cisco IOS 12.2SRB Cisco IOS 12.2SRA Cisco IOS 12.2SGA Cisco IOS 12.2SEG Cisco IOS 12.2IXC Cisco IOS 12.2IXB Cisco IOS 12.2(31)XN Cisco IOS 12.2(31)SG Cisco IOS 12.2(31)SB Cisco IOS 12.2(30)S Cisco IOS 12.2(28)SB2 Cisco IOS 12.2(27)SBC4 Cisco IOS 12.2(26)SV Cisco IOS 12.2(25)SW7 Cisco IOS 12.2(25)SV3 Cisco IOS 12.2(25)SG1 Cisco IOS 12.2(25)SEF1 Cisco IOS 12.2(25)SEE1 Cisco IOS 12.2(25)S11 Cisco IOS 12.2(25)EWA6 Cisco IOS 12.2(18)SXF5 Cisco IOS 12.2(18)SXE6 Cisco IOS 12.2(18)SXD7a Cisco IOS 12.2(18)IXB Cisco IOS 12.2(15)MC2h Cisco IOS 12.0(32)SY Cisco IOS 12.0(32)S3 |
Discussion
Cisco IOS IPv6 Source Routing Remote Memory Corruption Vulnerability
Cisco IOS is prone to a remote memory-corruption vulnerability because the software fails to properly handle malformed IPv6 source-routing headers.
Successfully exploiting this issue allows remote attackers to corrupt the memory of affected devices. This may potentially facilitate the execution of attacker-supplied machine code. Failed exploit attempts will likely crash IOS-based devices.
This issue is being tracked by Cisco Bug IDs CSCsd40334 and CSCsd58381.
Cisco IOS is prone to a remote memory-corruption vulnerability because the software fails to properly handle malformed IPv6 source-routing headers.
Successfully exploiting this issue allows remote attackers to corrupt the memory of affected devices. This may potentially facilitate the execution of attacker-supplied machine code. Failed exploit attempts will likely crash IOS-based devices.
This issue is being tracked by Cisco Bug IDs CSCsd40334 and CSCsd58381.
Exploit / POC
Cisco IOS IPv6 Source Routing Remote Memory Corruption Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Cisco IOS IPv6 Source Routing Remote Memory Corruption Vulnerability
Solution:
The vendor released an advisory and fixes addressing this issue. Please see the referenced vendor advisory for details on obtaining the appropriate updates.
Solution:
The vendor released an advisory and fixes addressing this issue. Please see the referenced vendor advisory for details on obtaining the appropriate updates.
References
Cisco IOS IPv6 Source Routing Remote Memory Corruption Vulnerability
References:
References:
- Cisco IOS Homepage (Cisco Systems)
- Cisco Security Advisory: IPv6 Routing Header Vulnerability (Cisco)
- Cisco Security Advisory: IPv6 Routing Header Vulnerability (Cisco Systems Product Security Incident Response Team
- Vulnerability Note VU#274760 - Cisco IOS fails to properly process specially cra (US-CERT)