CVE-2012-3950

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.3 through 12.4 Cisco IOS versions 15.0 through 15.2

Description The Intrusion Prevention System (IPS) feature in Cisco IOS contains a vulnerability that allows remote attackers to cause a denial of service (device reload) via DNS packets. This issue can be exploited if specific Cisco IOS IPS configurations exist.

Recommendations For Cisco IOS versions 12.3 through 12.4, update to a version that includes the fix for this issue. For Cisco IOS versions 15.0 through 15.2, update to a version that includes the fix for this issue. As a temporary workaround, consider disabling the IPS feature until a patch is available. Restrict access to the DNS packets to minimize the risk of exploitation.