Jun
6
2012

May 2012: one Cisco vulnerability

The Cisco Product Security Incident Response Team (PSIRT) has published one important vulnerability advisory:

  • Cisco IOS XR Software Route Processor Denial of Service Vulnerability

Cisco IOS XR Software Route Processor Denial of Service Vulnerability
The vulnerability only exists on Cisco 9000 Series Aggregation Services Routers (ASR) Route Switch Processor (RSP440) and Cisco Carrier Routing System (CRS) Performance Route Processor (PRP). The vulnerability is a result of improper handling of crafted packets and could cause the route processor, which processes the packets, to be unable to transmit packets to the fabric.

Vulnerable Products
This vulnerability affects IOS XR Software version 4.2.0 running on the Cisco ASR 9000 Series RSP440. It also affects IOS XR Software versions 4.0.3, 4.0.4, 4.1.0, 4.1.1, 4.1.2, and 4.2.0 running on the CRS Performance Route Processor.This vulnerability affects IOS XR Software version 4.2.0 running on the Cisco ASR 9000 Series RSP440. It also affects IOS XR Software versions 4.0.3, 4.0.4, 4.1.0, 4.1.1, 4.1.2, and 4.2.0 running on the CRS Performance Route Processor.

Details
The vulnerability is due to improper processing of crafted packets by Cisco 9000 Series Aggregation Services Routers (ASR) Route Switch Processor (RSP440) or Carrier Routing System (CRS) Performance Route Processor. An attacker could exploit this vulnerability by sending a crafted packet to a vulnerable system; this vulnerability cannot be triggered by IP traffic transiting a vulnerable device. An exploit could allow the attacker to cause the packets originating on the Route Processor CPU to stop transmitting to the fabric, resulting in a DoS condition.

Impact
Successful exploitation of the vulnerability could cause the route processor on an affected device to stop transmitting packets from the route processor CPU to the fabric. As a result, the affected RSP440 or Performance Route Processor will experience a DoS, failing to transmit all of its route processor-based protocols (for example, Intermediate System – Intermediate System, Border Gateway Protocol, ICMP).

Link: http://tools.cisco.com/…/cisco-sa-20120530-iosxr

Summary
Article Name
May 2012: one Cisco vulnerability
Description
May 2012: The Cisco Product Security Incident Response Team (PSIRT) has published one important vulnerability advisory.
Author