PT-2014-4533 · Cisco · Cisco Ios Xr

Published

2014-06-11

Updated

2016-09-07

CVE-2014-2176

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Cisco IOS XR versions 4.1.2 through 5.1.1

Description A vulnerability in the parsing of malformed Internet Protocol version 6 (IPv6) packets could allow an unauthenticated, remote attacker to cause a lockup and eventual reload of a Network Processor (NP) chip and a line card processing traffic. The issue is due to insufficient logic in parsing malformed IPv6 packets. An attacker could exploit this by sending a stream of malformed IPv6 packets to the affected device, leading to a denial of service (DoS) condition.

Recommendations For Cisco IOS XR versions 4.1.2 through 5.1.1, update to a fixed software version to address this vulnerability.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2014-2176

Affected Products

Cisco Ios Xr

PT-2014-4533 · Cisco · Cisco Ios Xr

CVE-2014-2176

Weakness Enumeration

Related Identifiers

Affected Products

References · 6