Skip to main content

Cisco IOS XR Software Route Processor Denial of Service Vulnerability

Last Update Date: 16 Aug 2012 12:17 Release Date: 16 Aug 2012 5140 Views

RISK: Medium Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

A vulnerability has been identified in Cisco IOS XR Software, which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

 

The vulnerability is due to improper processing of crafted packets by Cisco 9000 Series Aggregation Services Routers (ASR) Route Switch Processor (RSP-4G or RSP-8G), Route Switch Processor 440 (RSP440), or Carrier Routing System (CRS) Performance Route Processor. An attacker could exploit this vulnerability by sending a crafted packet to a vulnerable system. An exploit could allow the attacker to cause the packets originating on the Route Processor CPU to stop transmitting to the fabric, resulting in a DoS condition.


Impact

  • Denial of Service

System / Technologies affected

  • IOS XR Software version 4.2.0 running on the Cisco ASR 9000 Series RSP440
  • IOS XR Software versions prior to 4.2.0 running on the Cisco ASR 9000 Series RSP-4G or RSP-8G
  • IOS XR Software versions 4.0.3, 4.0.4, 4.1.0, 4.1.1, 4.1.2, and 4.2.0 running on the CRS Performance Route Processor

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

 


Vulnerability Identifier


Source

 


Related Link