Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Cisco Routing Systems Vulnerable to Malformed IPv6 Packet Attacks

Cisco Fixes DoS Vulnerability in IOS XR Software

Cisco has released software updates to address a denial-of-service (DoS) vulnerability in IOS XR Software, a self-healing and fully distributed network operating system designed for service providers.

Cisco Fixes DoS Vulnerability in IOS XR Software

Cisco has released software updates to address a denial-of-service (DoS) vulnerability in IOS XR Software, a self-healing and fully distributed network operating system designed for service providers.

The security hole patched by Cisco is caused by the improper handling of malformed IPv6 packets carrying extension headers. An unauthenticated, remote attacker can leverage this vulnerability to get the line card on affected devices to reload by sending a specially crafted IPv6 packet. By exploiting the bug repeatedly, the attacker can cause an extended DoS condition.

The flaw impacts the Cisco Network Convergence System 6000 (NCS 6000) and all Cisco Carrier Routing System X (CRS-X) line cards running a vulnerable version of the operating system.

The vulnerability does not affect Cisco 12000 Series Routers, Cisco ASR 9000 Series Aggregation Services Routers, Cisco Carrier Routing System 1 (CRS-1), or Cisco Carrier Routing System 3 (CRS-3).

Cisco noted in an advisory that devices are only vulnerable if they are configured to process IPv6 traffic because the flaw can only be exploited using IPv6 packets. Customers can check if IPv6 is enabled by using the show ipv6 interface brief command.

“While certain intermediate devices may block malformed IPv6 packets, the possibility still exists for a malformed packet to originate from a remote network and exploit this vulnerability on an affected device,” Cisco said.

The security hole was identified by Cisco during internal testing and the company says there is no evidence that the vulnerability has been exploited in the wild.

Advertisement. Scroll to continue reading.

The CVE-2015-0618 identifier and a CVSS base score of 7.1 have been assigned to the flaw.

This isn’t the only vulnerability patched by Cisco this month. The company also released software updates to address a command injection flaw affecting the WebEx Meetings Server (CVE-2015-0589) and a SQL injection vulnerability in Secure Access Control System (CVE-2015-0580).

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Mike Byron has been named Chief Financial Officer (CFO) at Exabeam.

Ex-GitHub chief technology officer Mike Hanley has joined GM as CISO.

Network security and compliance assurance firm Titania has appointed Victoria Dimmick as CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.