North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Cisco Security Advisory: IPv6 Crafted Packet Vulnerability

  • From: Fergie (Paul Ferguson)
  • Date: Fri Jul 29 09:41:45 2005

Got v6?

- ferg

[snip]

Summary

Cisco Internetwork Operating System (IOSŪ) Software is vulnerable to a Denial of Service (DoS) and potentially an arbitrary code execution attack from a specifically crafted IPv6 packet. The packet must be sent from a local network segment. Only devices that have been explicitly configured to process IPv6 traffic are affected. Upon successful exploitation, the device may reload or be open to further exploitation.

Cisco has made free software available to address this vulnerability for all affected customers.

This advisory will be posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml

[snip]


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 [email protected] or [email protected]
 ferg's tech blog: http://fergdawg.blogspot.com/