Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Cisco Routing Systems Vulnerable to Malformed IPv6 Packet Attacks

Cisco Fixes DoS Vulnerability in IOS XR Software

Cisco has released software updates to address a denial-of-service (DoS) vulnerability in IOS XR Software, a self-healing and fully distributed network operating system designed for service providers.

Cisco Fixes DoS Vulnerability in IOS XR Software

Cisco has released software updates to address a denial-of-service (DoS) vulnerability in IOS XR Software, a self-healing and fully distributed network operating system designed for service providers.

The security hole patched by Cisco is caused by the improper handling of malformed IPv6 packets carrying extension headers. An unauthenticated, remote attacker can leverage this vulnerability to get the line card on affected devices to reload by sending a specially crafted IPv6 packet. By exploiting the bug repeatedly, the attacker can cause an extended DoS condition.

The flaw impacts the Cisco Network Convergence System 6000 (NCS 6000) and all Cisco Carrier Routing System X (CRS-X) line cards running a vulnerable version of the operating system.

The vulnerability does not affect Cisco 12000 Series Routers, Cisco ASR 9000 Series Aggregation Services Routers, Cisco Carrier Routing System 1 (CRS-1), or Cisco Carrier Routing System 3 (CRS-3).

Cisco noted in an advisory that devices are only vulnerable if they are configured to process IPv6 traffic because the flaw can only be exploited using IPv6 packets. Customers can check if IPv6 is enabled by using the show ipv6 interface brief command.

“While certain intermediate devices may block malformed IPv6 packets, the possibility still exists for a malformed packet to originate from a remote network and exploit this vulnerability on an affected device,” Cisco said.

The security hole was identified by Cisco during internal testing and the company says there is no evidence that the vulnerability has been exploited in the wild.

Advertisement. Scroll to continue reading.

The CVE-2015-0618 identifier and a CVSS base score of 7.1 have been assigned to the flaw.

This isn’t the only vulnerability patched by Cisco this month. The company also released software updates to address a command injection flaw affecting the WebEx Meetings Server (CVE-2015-0589) and a SQL injection vulnerability in Secure Access Control System (CVE-2015-0580).

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.