CVE-2013-5527

Name of the Vulnerable Software and Affected Versions Cisco IOS and IOS XE (affected versions not specified)

Description The issue is related to the OSPF functionality, which allows remote attackers to cause a denial of service (device reload) via crafted options in an LSA type 11 packet. This is due to improper parsing of certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this by sending LSA type 11 OSPF packets with unusual options set, allowing them to cause a reload of the affected device. The attacker must be on the same broadcast or collision domain of a targeted device to exploit this issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.