Cisco IOS XE L2TP Traffic Remote Denial of Service Vulnerability

Bugtraq ID:	59007
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2013-1165
Remote:	Yes
Local:	No
Published:	Apr 10 2013 12:00AM
Updated:	Apr 10 2013 12:00AM
Credit:	Cisco
Vulnerable:	Cisco IOS XE 2.6.2 Cisco IOS XE 2.6.1 Cisco IOS XE 2.5.2 Cisco IOS XE 2.5.1 Cisco IOS XE 2.4.1 Cisco IOS XE 2.4 Cisco IOS XE 2.3.2 Cisco IOS XE 2.3.1 t Cisco IOS XE 2.3.1 Cisco IOS XE 2.2.3 Cisco IOS XE 3.7 Cisco IOS XE 3.6 Cisco IOS XE 3.5 Cisco IOS XE 3.4 Cisco IOS XE 3.3 Cisco IOS XE 3.2 Cisco IOS XE 3.1 Cisco IOS XE 2.6 Cisco IOS XE 2.5 Cisco IOS XE 2.4 Cisco IOS XE 2.3 Cisco IOS XE 2.2 Cisco IOS XE 2.1
Not Vulnerable:	Cisco IOS XE 3.7.1S Cisco IOS XE 3.4.5S

Cisco IOS XE L2TP Traffic Remote Denial of Service Vulnerability

Cisco IOS XE is prone to a remote denial-of-service vulnerability.

Successful exploits may allow an attackers to cause a reload of the affected devices, denying service to legitimate users. Repeated attacks will result in a sustained denial of service.


This issue is being tracked by Cisco Bug ID CSCtz23293.

Cisco IOS XE L2TP Traffic Remote Denial of Service Vulnerability

An attacker can exploit this issue using readily available tools.

Cisco IOS XE L2TP Traffic Remote Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Cisco IOS XE L2TP Traffic Remote Denial of Service Vulnerability

References: