CVE-2008-0537

Name of the Vulnerable Software and Affected Versions Cisco Catalyst 6500 Series and Cisco 7600 Router devices with Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), or Route Switch Processor 720 (RSP720) modules, running branches of Cisco IOS based on 12.2

Description The issue allows remote attackers to cause a denial of service via unknown vectors when using Multi Protocol Label Switching (MPLS) VPN and OSPF sham-link. This can result in a blocked queue, device restart, or memory leak. The vulnerability only affects devices configured for Open Shortest Path First (OSPF) Sham-Link and Multi Protocol Label Switching (MPLS) Virtual Private Networking (VPN), and OSPF and MPLS VPNs are not enabled by default.

Recommendations For Cisco Catalyst 6500 Series and Cisco 7600 Router devices with Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), or Route Switch Processor 720 (RSP720) modules, running branches of Cisco IOS based on 12.2, consider disabling OSPF Sham-Link and MPLS VPN configurations as a temporary workaround until a patch is available. Restrict access to affected interfaces to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.