Crafted Packet Causes Reload on Cisco Routers

Cisco Routers running Internetwork Operating System (IOS) that supports Multi Protocol Label Switching (MPLS) are vulnerable to a Denial of Service (DoS) attack on MPLS disabled interfaces. A system that supports MPLS is vulnerable even if that system is not configured for MPLS.


The vulnerability is only present in Cisco IOS release trains based on 12.1T, 12.2, 12.2T, 12.3 and 12.3T. Releases based on 12.1 mainline, 12.1E and all releases prior to 12.1 are not vulnerable.  Cisco has made free software available to address this vulnerability.  There are workarounds available to mitigate the effects.


Affected Products:
Vulnerable Products
Only the following products running a vulnerable version of IOS that support MPLS are affected.
 * 2600 and 2800 series routers
 * 3600, 3700 and 3800 series routers
 * 4500 and 4700 series routers
 * 5300, 5350 and 5400 series Access Servers


Products that are not listed above are not affected.


Software Versions and Fixes and Workarounds in http://www.securiteam.com/securitynews/5OP0P1PEKQ.html

Leave a Reply