
Cisco IOS Multiple Vulnerabilities

Last Update Date: 26 Sep 2013 16:38
Release Date: 26 Sep 2013

RISK: High Risk

TYPE: Operating Systems - Networks OS


Multiple vulnerabilities have been identified in Cisco IOS. A remote user can cause denial of service conditions.

  1. A remote user can send specially crafted multicast Network Time Protocol (NTP) packets encapsulated in a Multicast Source Discovery Protocol (MSDP) Source-Active (SA) message from a configured MSDP peer to cause the target device to reload.
  2. A remote user can send specially crafted Internet Key Exchange (IKE) v1 packets to trigger a memory leak. Repeated exploitation can consume excessive memory and cause the target device to reload.
  3. A remote user can send a stream of valid IPv6 fragments to or through the target device to trigger a race condition in the virtual fragmentation reassembly (VFR) function for IPv6 to cause the target device to hang or reload.
  4. A remote user can send specially crafted DHCP packets to a target device that has the DHCP server or DHCP relay agent feature enabled to cause the target device to reload. Devices configured as a DHCPv6 server for IPv6 are not affected.
  5. A remote user can send specially crafted HTTP packets via IPv4 through a target device to trigger a flaw in the Zone-Based Firewall (ZFW) component and cause the target device to hang or reload.
  6. A remote user can send specially crafted, bursty traffic through an interface configured for T1/E1 signaling on an HDLC32 driver to trigger an interface queue wedge condition, which may cause loss of connectivity and loss of routing protocol adjacency.
  7. A remote user can send specially crafted UDP RSVP packets to the target device to trigger an interface queue wedge condition, which may cause loss of connectivity and loss of routing protocol adjacency.
  8. A remote user can send specially crafted DNS packets to TCP port 53 to exploit a network address translation (NAT) flaw and cause the target device to reload.
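
A defender's triage of the list above, as an added example that is not part of the original advisory: the script flags which of the eight items name a feature that appears enabled in a saved running configuration, so patching can be prioritised. The config-line patterns and the sample configuration are assumptions constructed for illustration, not the vendor's affected-configuration criteria.

```python
import re

# Assumption: IOS config-line patterns used as feature-presence heuristics for
# each numbered item; they are not the vendor's affected-configuration criteria.
FEATURE_PATTERNS = {
    1: ("MSDP peer", r"^ip msdp peer\s"),
    2: ("IKE", r"^crypto (isakmp|map)\s"),
    3: ("IPv6 VFR", r"^\s+ipv6 virtual-reassembly\b"),
    4: ("DHCP server or relay agent", r"^ip dhcp pool\s|^\s+ip helper-address\s"),
    5: ("Zone-Based Firewall", r"^zone-pair security\s"),
    6: ("T1/E1 controller", r"^controller (t1|e1)\s"),
    7: ("RSVP", r"^\s+ip rsvp bandwidth\b"),
    8: ("NAT", r"^\s+ip nat (inside|outside)\b"),
}

# Constructed sample running configuration (documentation addresses only).
SAMPLE_CONFIG = """\
hostname edge-rtr-01
!
ip dhcp pool LAN
 network 192.0.2.0 255.255.255.0
!
crypto isakmp policy 10
!
interface GigabitEthernet0/0
 ip nat outside
!
interface GigabitEthernet0/1
 ip nat inside
 no ip rsvp bandwidth
!
"""

def exposed_items(config_text):
    """Map advisory item number -> [(line_no, config line)] for features seen enabled."""
    hits = {}
    for line_no, line in enumerate(config_text.splitlines(), start=1):
        if not line.strip() or line.lstrip().startswith("!"):
            continue  # skip blanks and IOS comment/separator lines
        for item, (_label, pattern) in FEATURE_PATTERNS.items():
            # Patterns are anchored, so negated "no ..." lines do not match.
            if re.search(pattern, line, re.IGNORECASE):
                hits.setdefault(item, []).append((line_no, line.strip()))
    return hits

if __name__ == "__main__":
    found = exposed_items(SAMPLE_CONFIG)
    for item, (label, _pattern) in FEATURE_PATTERNS.items():
        status = "enabled, prioritise the fix" if item in found else "not seen"
        print(f"item {item} ({label}): {status} {found.get(item, '')}")
```

A "not seen" result only means the heuristic pattern did not match; confirm against the vendor's advisory for each item before treating a device as unaffected.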

Impact

  • Denial of Service

System / Technologies affected

  • Cisco IOS

Solutions

Before installing the software, please visit the software manufacturer's website for more details.

  • The vendor has issued a fix.
