CVE-2010-0576

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.0 through 12.4 Cisco IOS XE versions 2.1.x through 2.3.x before 2.3.2 Cisco IOS XR versions 3.2.x through 3.4.3

Description A remote denial of service condition can occur in devices running Cisco IOS Software, Cisco IOS XE Software, or Cisco IOS XR Software when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled. This is due to a crafted LDP UDP packet that can cause an affected device to reload or restart the mpls ldp process. A system is vulnerable if configured with either LDP or Tag Distribution Protocol (TDP).

Recommendations For Cisco IOS versions 12.0 through 12.4, update to a version that addresses this vulnerability. For Cisco IOS XE versions 2.1.x through 2.3.x before 2.3.2, update to version 2.3.2 or later. For Cisco IOS XR versions 3.2.x through 3.4.3, update to a version that addresses this vulnerability. As a temporary workaround, consider disabling LDP or TDP to minimize the risk of exploitation.