Cisco IOS RSVP Feature Remote Denial of Service Vulnerability

Bugtraq ID:	52754
Class:	Design Error
CVE:	CVE-2012-1311
Remote:	Yes
Local:	No
Published:	Mar 28 2012 12:00AM
Updated:	Mar 28 2012 12:00AM
Credit:	Cisco
Vulnerable:	Cisco IOS XE 2.6.2 Cisco IOS XE 2.6.1 Cisco IOS XE 2.5.2 Cisco IOS XE 2.5.1 Cisco IOS XE 2.4.1 Cisco IOS XE 2.4 Cisco IOS XE 2.3.2 Cisco IOS XE 2.3.1 t Cisco IOS XE 2.3.1 Cisco IOS XE 2.2.3 Cisco IOS XE 3.6.0S Cisco IOS XE 3.5.0S Cisco IOS XE 3.4 Cisco IOS XE 3.3.xS Cisco IOS XE 3.3.2S Cisco IOS XE 3.3 Cisco IOS XE 3.2.xS Cisco IOS XE 3.2.0SG Cisco IOS XE 3.2 Cisco IOS XE 3.1xSG Cisco IOS XE 3.1.xS Cisco IOS XE 3.1 Cisco IOS XE 2.6 Cisco IOS XE 2.5 Cisco IOS XE 2.4 Cisco IOS XE 2.3 Cisco IOS XE 2.2 Cisco Ios 15.1SNH Cisco Ios 15.1SNG Cisco IOS 15.1S Cisco IOS 15.1MR Cisco IOS 15.1M Cisco IOS 15.1GC Cisco IOS 15.1EY Cisco Ios 15.0XO Cisco Ios 15.0XA Cisco Ios 15.0SY Cisco IOS 15.0SE Cisco IOS 15.0SA Cisco IOS 15.0MRA Cisco IOS 15.0MR Cisco IOS 15.0M
Not Vulnerable:	Cisco IOS XE 3.4.2S Cisco Ios 15.1(4)M4 Cisco Ios 15.1(4)M3a Cisco Ios 15.1(4)M3 Cisco Ios 15.1(3)T3 Cisco Ios 15.1(3)S2 Cisco Ios 15.1(2)GC2 Cisco Ios 15.1(2)EY2 Cisco Ios 15.1(1)T5 Cisco Ios 15.0(1)M8

Cisco IOS RSVP Feature Remote Denial of Service Vulnerability

Cisco IOS is prone to a remote denial-of-service vulnerability.

Successful exploits will result in a denial-of-service condition.

This issue is being tracked by Cisco Bug ID CSCts80643.

Cisco IOS RSVP Feature Remote Denial of Service Vulnerability

To exploit this issue, attackers can use readily available network utilities.

Cisco IOS RSVP Feature Remote Denial of Service Vulnerability

Solution:
Updates are available. Please see the references for details.

Cisco IOS RSVP Feature Remote Denial of Service Vulnerability

References:

• Cisco Homepage (Cisco )
  
• Cisco IOS Software (Cisco Systems)
  
• Cisco IOS Software RSVP Denial of Service Vulnerability (Cisco)