Cisco IOS Internet Key Exchange (IKE) Memory Leak CVE-2013-1144 Denial of Service Vulnerability

Bugtraq ID:	58742
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2013-1144
Remote:	Yes
Local:	No
Published:	Mar 27 2013 12:00AM
Updated:	Mar 27 2013 12:00AM
Credit:	Cisco
Vulnerable:	Cisco IOS 15.1GC
Not Vulnerable:	Cisco IOS 15.1(3)T

Cisco IOS Internet Key Exchange (IKE) Memory Leak CVE-2013-1144 Denial of Service Vulnerability

Cisco IOS is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to cause an affected device to reload or become unresponsive, denying service to legitimate users.

This issue is tracked by Cisco Bug ID CSCth81055.
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsq24002

Cisco IOS Internet Key Exchange (IKE) Memory Leak CVE-2013-1144 Denial of Service Vulnerability

To exploit this issue, attackers can use readily available network utilities.

Cisco IOS Internet Key Exchange (IKE) Memory Leak CVE-2013-1144 Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Cisco IOS Internet Key Exchange (IKE) Memory Leak CVE-2013-1144 Denial of Service Vulnerability

References:

• Cisco Homepage (Cisco )