CVE-2013-1147

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.3 through 12.4 Cisco IOS versions 15.0 through 15.3

Description The Protocol Translation (PT) functionality in Cisco IOS does not properly validate TCP connection information, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a PT resource. This issue is related to a buffer overflow in memory. The vulnerability could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

Recommendations For Cisco IOS versions 12.3 through 12.4, update to a fixed version to resolve the issue. For Cisco IOS versions 15.0 through 15.3, update to a fixed version to resolve the issue. As a temporary workaround, consider disabling the PT functionality until a patch is available. Restrict access to PT resources to minimize the risk of exploitation.