Cisco IOS XR Multiple Denial of Service Vulnerabilities
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were reported in Cisco IOS XR. A remote user can cause denial of service conditions.
A remote user can send a specially crafted RSVP packet to cause the target RSVP process to reload, a specially crafted SNMPv2 packet to cause the target snmpd process to reload, or a specially crafted TACACS+ packet to cause the target TACACS+ process to reload.
A remote user on the local network can send a specially crafted MPLS packet to the target Cisco Network Convergence System 6000 Series Router to cause a network processor unit and line card to lockup and reload.
Impact
- Denial of Service
System / Technologies affected
- Cisco IOS XR
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to a fixed version.
Vulnerability Identifier
Source
Related Link
- http://securitytracker.com/id/1030878
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3376
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3377
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3378
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3379
Share with