CVE-2008-3804

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.2 and 12.4

Description The issue is related to a Denial of Service (DoS) attack from specially crafted packets in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS. This can cause memory corruption when the software path is used. Only the MFI is affected by this issue, and not the older Label Forwarding Information Base (LFIB) implementation.

Recommendations For Cisco IOS version 12.2, update to a version that includes the fix for this issue. For Cisco IOS version 12.4, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting the use of the MFI to minimize the risk of exploitation.