PT-2011-4361 · Cisco · Cisco Ios Xe+1

Published

2011-10-03

Updated

2011-10-21

CVE-2011-3272

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Cisco IOS version 15.1 Cisco IOS XE versions 2.1.x through 3.3.x

Description The IP Service Level Agreement (IP SLA) functionality allows remote attackers to cause a denial of service, resulting in memory corruption and device reload, via malformed IP SLA packets.

Recommendations For Cisco IOS version 15.1, update to a version that fixes the issue. For Cisco IOS XE versions 2.1.x through 3.3.x, update to a version that fixes the issue. As a temporary workaround, consider disabling the IP SLA functionality until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2011-3272

Affected Products

Cisco Ios

Cisco Ios Xe

PT-2011-4361 · Cisco · Cisco Ios Xe+1

CVE-2011-3272

Weakness Enumeration

Related Identifiers

Affected Products

References · 4