CVE-2013-1165

Name of the Vulnerable Software and Affected Versions Cisco IOS XE versions 2.x through 3.7 before 3.7.1S

Description The issue allows remote attackers to cause a denial of service by sending many crafted L2TP packets. Successful exploitation could trigger a reload of the Embedded Services Processors (ESP) card or the Route Processor (RP) card, causing an interruption of services. Repeated exploitation could result in a sustained denial of service condition.

Recommendations For Cisco IOS XE versions 2.x through 3.7 before 3.7.1S, update to version 3.7.1S or later to resolve the issue. As a temporary workaround, consider restricting access to L2TP packets to minimize the risk of exploitation.