CVE-2007-0199

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 11.0 through 12.4

Description The issue allows remote attackers to cause a denial of service via an invalid value in a DLSw message during the capabilities exchange, potentially resulting in a device reload. Cisco IOS contains multiple vulnerabilities in the Data-link Switching (DLSw) feature that may result in a reload or memory leaks when processing specially crafted UDP or IP Protocol 91 packets.

Recommendations For Cisco IOS versions 11.0 through 12.4, update to a version that includes the software updates released by Cisco to address these vulnerabilities. As a temporary workaround, consider implementing workarounds available to mitigate the effects of these vulnerabilities. Restrict access to the DLSw feature to minimize the risk of exploitation. Avoid using the DLSw feature until the issue is resolved.