Summary
A vulnerability in the IP version 6 (IPv6) processing code of Cisco IOS XR Software for Cisco CRS-3 Carrier Routing System could allow an unauthenticated, remote attacker to trigger an ASIC scan of the Network Processor Unit (NPU) and a reload of the line card processing an IPv6 packet.
The vulnerability is due to incorrect processing of an IPv6 packet carrying IPv6 extension headers that are valid but unlikely to be seen during normal operation. An attacker could exploit this vulnerability by sending such an IPv6 packet to an affected device that is configured to process IPv6 traffic. An exploit could allow the attacker to cause a reload of the line card, resulting in a DoS condition.
Cisco has released free software updates that address this vulnerability. There is no workaround that mitigates this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150611-iosxr
'취약점 정보2' 카테고리의 다른 글
| 팀뷰어 업데이트 권고 (0) | 2016.05.11 |
|---|---|
| Oracle Outside In 8.5.2 contains multiple stack buffer overflows (0) | 2016.01.26 |
| [펌웨어] ipTIME 유무선 공유기 96종 펌웨어 9.66 배포 (0) | 2015.06.12 |
| Nmap 6.49BETA1 released (0) | 2015.06.06 |
| [펌웨어] ipTIME 유무선 인터넷 공유기 112종 펌웨어 9.58 배포 (0) | 2015.04.19 |