CVE-2013-2779

Name of the Vulnerable Software and Affected Versions Cisco IOS XE versions 3.4 through 3.4.4S Cisco IOS XE versions 3.5 through 3.7 before 3.7.1S

Description The issue is related to the improper implementation of the Cisco Multicast Leaf Recycle Elimination (MLRE) feature in Cisco IOS XE, allowing remote attackers to cause a denial of service (card reload) via fragmented IPv6 MVPN packets. Successful exploitation could trigger a reload of the Embedded Services Processors (ESP) card or the Route Processor (RP) card, causing an interruption of services. Repeated exploitation could result in a sustained denial of service condition.

Recommendations For Cisco IOS XE versions 3.4 through 3.4.4S, update to version 3.4.5S or later. For Cisco IOS XE versions 3.5 through 3.7 before 3.7.1S, update to version 3.7.1S or later.