Cisco IOS XE IPv6 Multicast And IPv6 MVPN Traffic Remote Denial of Service Vulnerability

Bugtraq ID:	59003
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2013-1164
Remote:	Yes
Local:	No
Published:	Apr 10 2013 12:00AM
Updated:	Apr 10 2013 12:00AM
Credit:	Cisco
Vulnerable:	Cisco IOS XE 3.4
Not Vulnerable:

Cisco IOS XE IPv6 Multicast And IPv6 MVPN Traffic Remote Denial of Service Vulnerability

Cisco IOS XE is prone to a remote denial-of-service vulnerability.

Successful exploits may allow an attackers to cause a reload of the affected devices, denying service to legitimate users.

This issue is being tracked by Cisco Bug IDs CSCtz97563 and CSCub34945.

Cisco IOS XE IPv6 Multicast And IPv6 MVPN Traffic Remote Denial of Service Vulnerability

An attacker can exploit this issue using readily available tools.

Cisco IOS XE IPv6 Multicast And IPv6 MVPN Traffic Remote Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Cisco IOS XE IPv6 Multicast And IPv6 MVPN Traffic Remote Denial of Service Vulnerability

References:

• Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Se (Cisco)
  
• All bgp sessions flap when adding a session with BOS bit not set in mpls (Cisco)