| VID |
29078 |
| Severity |
30 |
| Port |
161 |
| Protocol |
UDP |
| Class |
CISCO |
| Detailed Description |
The Cisco 6000/6500/7600 series systems have a Crafted Layer 2 Frame Denial of Service Vulnerability (Cisco bug IDs CSCdy15598 and CSCeb56052). Cisco 6000/6500/7600 series systems with an MSFC2 (Multilayer Switch Feature Card 2) and a FlexWAN or OSM (Optical Services Module) module, and Cisco 6000/6500/7600 series systems with an MSFC2 module running IOS 12.1(8b)E14, are vulnerable to a denial of service attack. The vulnerability occurs when the actual length of a layer 2 frame is inconsistent with the length of the encapsulated layer 3 packet. By sending such a specially crafted layer 2 frame to an affected system, an attacker can cause the system to freeze or reset. Repeated exploitation may lead to a denial of service until a fixed version of the software has been loaded.
* Note: This check relies solely on the version number of the remote system to assess this vulnerability, so the result might be a false positive. It also requires an SNMP community string with read access to collect the version number. To provide this access, add a valid community string to the check item "snmp/guessable/r" in the Policy Editor.
* References: http://www.cisco.com/warp/public/707/cisco-sa-20040203-cat6k.shtml
* Platforms Affected: Cisco 6000/6500/7600 series systems with MSFC2 and a FlexWAN or OSM module; Cisco 6000/6500/7600 series systems with MSFC2 that are running 12.1(8b)E14 |
| Recommendation |
Upgrade to the fixed Cisco IOS version, as listed in "Software Versions and Fixes" of Cisco Security Advisory (Cisco 6000/6500/7600 Crafted Layer 2 Frame Vulnerability) at http://www.cisco.com/warp/public/707/cisco-sa-20040203-cat6k.shtml . Upgrades should be obtained through the Software Center on Cisco's worldwide web site at http://www.cisco.com .
For details, see http://www.cisco.com/warp/public/707/cisco-sa-20040203-cat6k.shtml . |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
15013 (ISS) |
|