Cisco IOS Software Crafted TCP Packet Denial of Service Vulnerability

Bugtraq ID:	38930
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2010-0577
Remote:	Yes
Local:	No
Published:	Mar 24 2010 12:00AM
Updated:	Mar 24 2010 12:00AM
Credit:	The vendor disclosed this vulnerability.
Vulnerable:	Cisco IOS 12.4YG Cisco IOS 12.4YE Cisco IOS 12.4YD Cisco IOS 12.4YB Cisco IOS 12.4YA Cisco IOS 12.4XZ Cisco IOS 12.4XY Cisco IOS 12.4XW Cisco IOS 12.4XV Cisco IOS 12.4XT Cisco IOS 12.4XR Cisco IOS 12.4XQ Cisco IOS 12.4XP Cisco IOS 12.4XN Cisco IOS 12.4XM Cisco IOS 12.4XL Cisco IOS 12.4XK Cisco IOS 12.4XJ Cisco IOS 12.4XG Cisco IOS 12.4XF Cisco IOS 12.4XE Cisco IOS 12.4XD Cisco IOS 12.4XC Cisco IOS 12.4XB Cisco IOS 12.4XA Cisco IOS 12.4T Cisco IOS 12.4SW Cisco IOS 12.4MR Cisco IOS 12.4MDA Cisco IOS 12.4MD Cisco IOS 12.4JX Cisco IOS 12.4JMB Cisco IOS 12.4JMA Cisco IOS 12.4JL Cisco IOS 12.4JK Cisco IOS 12.4JDD Cisco IOS 12.4JDC Cisco IOS 12.4JDA Cisco IOS 12.4JA Cisco IOS 12.4GC Cisco IOS 12.4(19)MR Cisco IOS 12.4(15)MD1 Cisco IOS 12.4(15)MD Cisco IOS 12.4 Cisco IOS 12.3ZA Cisco IOS 12.3YZ Cisco IOS 12.3YX Cisco IOS 12.3YU Cisco IOS 12.3YT Cisco IOS 12.3YS Cisco IOS 12.3YQ Cisco IOS 12.3YM Cisco IOS 12.3YK Cisco IOS 12.3YJ Cisco IOS 12.3YI Cisco IOS 12.3YH Cisco IOS 12.3YG Cisco IOS 12.3YF Cisco IOS 12.3YD Cisco IOS 12.3YA Cisco IOS 12.3XZ Cisco IOS 12.3XY Cisco IOS 12.3XX Cisco IOS 12.3XW Cisco IOS 12.3XU Cisco IOS 12.3XS Cisco IOS 12.3XR Cisco IOS 12.3XQ Cisco IOS 12.3XL Cisco IOS 12.3XK Cisco IOS 12.3XJ Cisco IOS 12.3XI Cisco IOS 12.3XG Cisco IOS 12.3XF Cisco IOS 12.3XE Cisco IOS 12.3XD Cisco IOS 12.3XC Cisco IOS 12.3XB Cisco IOS 12.3XA Cisco IOS 12.3TPC Cisco IOS 12.3T Cisco IOS 12.3JX Cisco IOS 12.3JL Cisco IOS 12.3JK Cisco IOS 12.3JED Cisco IOS 12.3JEC Cisco IOS 12.3JEB Cisco IOS 12.3JEA Cisco IOS 12.3JA Cisco IOS 12.3BW Cisco IOS 12.3BC Cisco IOS 12.3B Cisco IOS 12.3 Cisco IOS 12.2ZYA Cisco IOS 12.2ZY Cisco IOS 12.2ZX Cisco IOS 12.2ZU Cisco IOS 12.2ZP Cisco IOS 12.2ZL Cisco IOS 12.2ZJ Cisco IOS 12.2ZH Cisco IOS 12.2ZG Cisco IOS 12.2ZF Cisco IOS 12.2ZE Cisco IOS 12.2ZD Cisco IOS 12.2ZC Cisco IOS 12.2ZB Cisco IOS 12.2YY Cisco IOS 12.2YW Cisco IOS 12.2YV Cisco IOS 12.2YU Cisco IOS 12.2YT Cisco IOS 12.2YR Cisco IOS 12.2YQ Cisco IOS 12.2YP Cisco IOS 12.2YN Cisco IOS 12.2YM Cisco IOS 12.2YL Cisco IOS 12.2YJ Cisco IOS 12.2YH Cisco IOS 12.2YG Cisco IOS 12.2YF Cisco IOS 12.2YD Cisco IOS 12.2YB Cisco IOS 12.2YA Cisco IOS 12.2XW Cisco IOS 12.2XR Cisco IOS 12.2XO Cisco IOS 12.2XNF Cisco IOS 12.2XNE Cisco IOS 12.2XND Cisco IOS 12.2XNC Cisco IOS 12.2XNB Cisco IOS 12.2XNA Cisco IOS 12.2XN Cisco IOS 12.2XM Cisco IOS 12.2XL Cisco IOS 12.2XK Cisco IOS 12.2XJ Cisco IOS 12.2TPC Cisco IOS 12.2T Cisco IOS 12.2SZ Cisco IOS 12.2SXI Cisco IOS 12.2SXH Cisco IOS 12.2SXF Cisco IOS 12.2SXE Cisco IOS 12.2SXD Cisco IOS 12.2SW Cisco IOS 12.2SVE Cisco IOS 12.2SVD Cisco IOS 12.2SVC Cisco IOS 12.2SVA Cisco IOS 12.2SV Cisco IOS 12.2STE Cisco IOS 12.2SRD Cisco IOS 12.2SRC Cisco IOS 12.2SRB Cisco IOS 12.2SRA Cisco IOS 12.2SO Cisco IOS 12.2SM Cisco IOS 12.2SGA Cisco IOS 12.2SG Cisco IOS 12.2SEG Cisco IOS 12.2SEE Cisco IOS 12.2SED Cisco IOS 12.2SEC Cisco IOS 12.2SEB Cisco IOS 12.2SEA Cisco IOS 12.2SE Cisco IOS 12.2SCB Cisco IOS 12.2SCA Cisco IOS 12.2SBC Cisco IOS 12.2SB Cisco IOS 12.2S Cisco IOS 12.2MC Cisco IOS 12.2JK Cisco IOS 12.2JA Cisco IOS 12.2IXG Cisco IOS 12.2IXF Cisco IOS 12.2IXE Cisco IOS 12.2IXD Cisco IOS 12.2IXC Cisco IOS 12.2IXB Cisco IOS 12.2IXA Cisco IOS 12.2IRB Cisco IOS 12.2IRA Cisco IOS 12.2FZ Cisco IOS 12.2EZ Cisco IOS 12.2EY Cisco IOS 12.2EX Cisco IOS 12.2EWA Cisco IOS 12.2EW Cisco IOS 12.2CZ Cisco IOS 12.2CY Cisco IOS 12.2CX Cisco IOS 12.2BZ Cisco IOS 12.2BY Cisco IOS 12.2BX Cisco IOS 12.2BC Cisco IOS 12.2B Cisco IOS 12.2(25)SEG3 Cisco IOS 12.2(25)SEG2
Not Vulnerable:	Cisco IOS 15.0M Cisco IOS 15.0(1)M2 Cisco IOS 15.0(1)M1 Cisco IOS 12.4(25c) Cisco IOS 12.4(24)YE Cisco IOS 12.4(24)T2 Cisco IOS 12.4(22)YE2 Cisco IOS 12.4(22)YB5 Cisco IOS 12.4(22)XR3 Cisco IOS 12.4(22)T3 Cisco IOS 12.4(22)T1 Cisco IOS 12.4(22)T Cisco IOS 12.4(22)MDA2 Cisco IOS 12.4(20)YA3 Cisco IOS 12.4(20)YA2 Cisco IOS 12.4(20)T4 Cisco IOS 12.4(20)T2 Cisco IOS 12.4(20)T Cisco IOS 12.4(19)MR2 Cisco IOS 12.4(19)MR1 Cisco IOS 12.4(15)XZ2 Cisco IOS 12.4(15)XY4 Cisco IOS 12.4(15)XR4 Cisco IOS 12.4(15)XQ2 Cisco IOS 12.4(15)T9 Cisco IOS 12.4(15)T10 Cisco IOS 12.4(15)MD4 Cisco IOS 12.4(15)MD2 Cisco IOS 12.4(11)MD7 Cisco IOS 12.4(11)MD10 Cisco IOS 12.4(10b)JDD1 Cisco IOS 12.3(7)XI11 Cisco IOS 12.2SCB Cisco IOS 12.2S Cisco IOS 12.2IXH Cisco IOS 12.2(52)SG Cisco IOS 12.2(50)SG Cisco IOS 12.2(50)SE Cisco IOS 12.2(46)XO Cisco IOS 12.2(46)SE2 Cisco IOS 12.2(44)SE6 Cisco IOS 12.2(44)SE5 Cisco IOS 12.2(44)EY Cisco IOS 12.2(4)JA1 Cisco IOS 12.2(33)SXI1 Cisco IOS 12.2(33)SXH5 Cisco IOS 12.2(33)SRD1 Cisco IOS 12.2(33)SRC4 Cisco IOS 12.2(33)SRC3 Cisco IOS 12.2(33)SRB5a Cisco IOS 12.2(33)SCB1 Cisco IOS 12.2(33)SB4 Cisco IOS 12.2(33)SB3 Cisco IOS 12.2(31)SGA9 Cisco IOS 12.2(31)SB14 Cisco IOS 12.2(28)SB13 Cisco IOS 12.2(25)SEG6 Cisco IOS 12.2(25)SEG4 Cisco IOS 12.2(2)BX1 Cisco IOS 12.2(18)ZYA1 Cisco IOS 12.2(18)SXF16 Cisco IOS 12.2(18)IXH

Cisco IOS Software Crafted TCP Packet Denial of Service Vulnerability

Cisco IOS is prone to a denial-of-service vulnerability when handling specially crafted TCP packets.

An attacker can exploit this issue to trigger an affected device to reload or hang, causing denial-of-service conditions.

The device must have a specific configuration to be affected by this vulnerability.

This issue is documented by Cisco Bug ID CSCsz75186.

Cisco IOS Software Crafted TCP Packet Denial of Service Vulnerability

Solution:
The vendor has released updates. Please see the referenced advisory for details.

Cisco IOS Software Crafted TCP Packet Denial of Service Vulnerability

References:

• Cisco Homepage (Cisco )
  
• Cisco Security Advisory: Cisco IOS Software Crafted TCP Packet Denial of Service (Cisco)