Cisco IOS XR Software Route Processor Denial of Service Vulnerability
BID:53728
Info
Cisco IOS XR Software Route Processor Denial of Service Vulnerability
| Bugtraq ID: | 53728 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2012-2488 |
| Remote: | Yes |
| Local: | No |
| Published: | May 30 2012 12:00AM |
| Updated: | Aug 16 2012 11:10AM |
| Credit: | Cisco |
| Vulnerable: |
Cisco Ios Xr 4.2 Cisco Ios Xr 4.1.2 Cisco Ios Xr 4.0.4 Cisco Ios Xr 4.1.1 Cisco Ios Xr 4.1.0 Cisco Ios Xr 4.0.3 Cisco CRS Performance Route Processor 0 Cisco ASR 9010 0 Cisco ASR 9006 0 |
| Not Vulnerable: |
Cisco Ios Xr 4.2.1 |
Discussion
Cisco IOS XR Software Route Processor Denial of Service Vulnerability
Cisco IOS XR Software is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to cause the route processor on an affected device to stop transmitting packets from the route processor CPU to the fabric, resulting in a denial-of-service condition.
This issue is being tracked by Cisco Bug IDs CSCty94537 (ASR 9000) and CSCtz62593 (CRS).
Cisco IOS XR Software is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to cause the route processor on an affected device to stop transmitting packets from the route processor CPU to the fabric, resulting in a denial-of-service condition.
This issue is being tracked by Cisco Bug IDs CSCty94537 (ASR 9000) and CSCtz62593 (CRS).
Exploit / POC
Cisco IOS XR Software Route Processor Denial of Service Vulnerability
To exploit this issue, attackers can use readily available network utilities.
To exploit this issue, attackers can use readily available network utilities.
Solution / Fix
Cisco IOS XR Software Route Processor Denial of Service Vulnerability
Solution:
Updates are available. Please see the references for details.
Solution:
Updates are available. Please see the references for details.
References
Cisco IOS XR Software Route Processor Denial of Service Vulnerability
References:
References: