Cisco IOS User Datagram Protocol Delivery Issue For IPv4/IPv6 Dual-stack Routers - Cisco Systems

high Nessus Plugin ID 49011

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

A device running Cisco IOS software that has Internet Protocol version 6 (IPv6) enabled may be subject to a denial of service (DoS) attack.
For the device to be affected by this vulnerability, it must also have certain Internet Protocol version 4 (IPv4) User Datagram Protocol (UDP) services enabled. To exploit this vulnerability, an offending IPv6 packet must be targeted to the device. Packets that are routed through the router cannot trigger this vulnerability.
Successful exploitation will prevent the interface from receiving any additional traffic. The only exception is the Resource Reservation Protocol (RSVP) service, which, if exploited, will cause the device to crash.
Only the interface on which the vulnerability was exploited will be affected.
Cisco is providing fixed software to address this issue. There are workarounds available to mitigate the effects of the vulnerability.

Solution

Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20080326-IPv4IPv6.

See Also

http://www.nessus.org/u?c2349059

http://www.nessus.org/u?2502d726

Plugin Details

Severity: High

ID: 49011

File Name: cisco-sa-20080326-IPv4IPv6http.nasl

Version: 1.24

Type: local

Family: CISCO

Published: 9/1/2010

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: High

Base Score: 7.1

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2008-1153

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 3/26/2008

Vulnerability Publication Date: 3/26/2008

Reference Information

CVE: CVE-2008-1153

BID: 28461

CERT: 936177

CISCO-SA: cisco-sa-20080326-IPv4IPv6

CISCO-BUG-ID: CSCse56501