From: SecuriTeam <support@securiteam.com.>
To: [email protected]
Date: 20 Apr 2006 15:14:18 +0200
Subject: [NEWS] Cisco IOS XR MPLS Multiple DoS
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <20060420132002.22C3F57CE@mail.tyumen.ru.>
X-Virus-Scanned: antivirus-gw at tyumen.ru
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
Cisco IOS XR MPLS Multiple DoS
------------------------------------------------------------------------
SUMMARY
<http://www.cisco.com/en/US/products/ps5845/index.html>; "Cisco IOS XR
Software, a new member of the Cisco IOS family, is a unique self-healing
and self-defending operating system designed for always on operation while
scaling system capacity up to 92Tbps. "
" <http://www.cisco.com/en/US/products/ps5763/index.html>; The Cisco CRS-1
Carrier Routing System is the industry's first carrier routing system
offering continuous system operation, unprecedented service flexibility,
and system longevity. "
Improper packet handling allows attackers to DoS Cisco IOS XR MPLS.
DETAILS
Vulnerable Systems:
* Cisco IOS XR configured for MPLS
Cisco IOS XR Software is a member of the Cisco IOS Software Family that
uses a microkernel based distributed operating system infrastructure.
Cisco IOS XR runs both on Cisco CRS-1 and Cisco 12000 series routers.
Modular Services Cards (MSC), also called the line cards are Layer-3
forwarding engines on Cisco CRS-1. An MSC is paired with a physical layer
interface module (PLIM) which provides layer-1 and layer-2 services.
Specific MPLS packets that are switched by a Cisco CRS-1 or a 12000 series
system will restart the NetIO process. If the NetIO process is restarted
several times consecutively, the line card will reload causing a Denial of
Service (DoS) condition for the traffic that is being switched on that
line card.
MPLS packets will be forwarded through the MPLS network. Therefore,
packets that can trigger this vulnerability can be sent from remote
systems that are in the MPLS network. Such packets can not be received on
interfaces that are not configured for MPLS.
Successful exploitation of the vulnerability may result in a reload of the
Modular Services Card (MSC) on a CRS-1 or the line cards on a Cisco 12000
series router. Repeated exploitation could result in a sustained DoS
attack.
ADDITIONAL INFORMATION
The information has been provided by <mailto:psirt@cisco.com.> Cisco
Security.
The original article can be found at:
<http://www.cisco.com/warp/public/707/cisco-sa-20060419-xr.shtml>;
http://www.cisco.com/warp/public/707/cisco-sa-20060419-xr.shtml
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: [email protected]
In order to subscribe to the mailing list, simply forward this email to: [email protected]
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
