CVE-2011-0945

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.1 through 12.4 Cisco IOS versions 15.0 through 15.1 Cisco IOS XE versions 3.1.xS before 3.1.3S Cisco IOS XE versions 3.2.xS before 3.2.1S

Description A memory leak in the Data-link switching (DLSw) feature, when implemented over Fast Sequence Transport (FST), allows remote attackers to cause a denial of service (memory consumption and device reload or hang) via a crafted IP protocol 91 packet. This issue could result in a device reload when processing crafted IP Protocol 91 packets.

Recommendations For Cisco IOS versions 12.1 through 12.4, update to a fixed version to address the memory leak vulnerability. For Cisco IOS versions 15.0 through 15.1, update to a fixed version to address the memory leak vulnerability. For Cisco IOS XE versions 3.1.xS before 3.1.3S, update to version 3.1.3S or later to address the memory leak vulnerability. For Cisco IOS XE versions 3.2.xS before 3.2.1S, update to version 3.2.1S or later to address the memory leak vulnerability.