Info

Disclosure

Apr 19, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Cisco IOS XR contains a flaw that may allow a remote denial of service. The issue is triggered when specially crafted MPLS packets are sent to/via MPLS-enabled interfaces on the router and will result in reset of the affected line cards, causing a loss of availability of the traffic switching service.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Cisco has released patches for the affected platforms and versions of IOS XR to address this vulnerability.

Products

Cisco Systems, Inc.	IOS XR	3.2.0
		3.2.1
		3.2.2
		3.2.3 for CRS-1
		3.2.3 for PRP
		3.2.4
		3.2.50

References

Security Tracker: 1015964
Bugtraq ID: 17607
Secunia Advisory ID: 19740
CVE ID: 2006-1927 (see also: NVD) 2006-1928 (see also: NVD)
ISS X-Force ID: 25881
VUPEN Advisory: ADV-2006-1433
Keyword: CSCsd15970,CSCsd55531,CSCsc77475
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0496.html
Vendor Specific Advisory URL: http://www.cisco.com/warp/public/707/cisco-sa-20060419-xr.shtml

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/24811

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Cisco Systems, Inc.

IOS XR

References

Credit