80693 : Cisco IOS Multicast Source Discovery Protocol (MSDP) Packet Parsing Remote DoS
Printer | http://osvdb.org/80693 | Email This | Edit Vulnerability

Views This Week	Views All Time	Added to OSVDB	Last Modified	Modified (since 2008)	Percent Complete
7	617	about 1 year ago	11 months ago	7 times	100%

Timeline

Disclosure Date
2012-03-28

Description

Cisco IOS contains a flaw that may allow a remote denial of service. The issue is triggered when parsing a MSDP packet containing encapsulated IGMP data, which may result in loss of availability for the device.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Solution: Upgrade
Exploit: Exploit Unknown
Disclosure: Vendor Verified

Solution

Upgrade to the version specified in the vendor advisory or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Cisco Systems, Inc.	Cisco IOS	12.0SZ
		12.2
		12.2B
		12.2BC
		12.2BW
		12.2BX
		12.2BY
		12.2BZ
		12.2CX
		12.2CY
		12.2CZ
		12.2DA
		12.2DD
		12.2DX
		12.2EU
		12.2EW
		12.2EWA
		12.2EX
		12.2EZ
		12.2FZ
		12.2IRA
		12.2IRB
		12.2IRC
		12.2IRD
		12.2IRE
		12.2IRF
		12.2IRG
		12.2IXA
		12.2IXB
		12.2IXC
		12.2IXD
		12.2IXE
		12.2IXF
		12.2IXG
		12.2IXH
		12.2MB
		12.2MC
		12.2MRA
		12.2MRB
		12.2S
		12.2SBC
		12.2SCA
		12.2SCB
		12.2SCC
		12.2SCD
		12.2SEA
		12.2SEB
		12.2SEC
		12.2SED
		12.2SEE
		12.2SEG
		12.2SGA
		12.2SM
		12.2SO
		12.2SQ
		12.2SRA
		12.2SRB
		12.2SRC
		12.2SRD
		12.2SU
		12.2SVA
		12.2SVC
		12.2SVD
		12.2SVE
12.2SW
12.2SX
12.2SXA
12.2SXB
12.2SXD
12.2SXE
12.2SXF
12.2SXH
12.2SZ
12.2T
12.2TPC
12.2XA
12.2XB
12.2XC
12.2XD
12.2XE
12.2XF
12.2XG
12.2XH
12.2XI
12.2XJ
12.2XK
12.2XL
12.2XM
12.2XO
12.2XQ
12.2XR
12.2XS
12.2XT
12.2XU
12.2XV
12.2XW
12.2YA
12.2YC
12.2YD
12.2YE
12.2YK
12.2YO
12.2YP
12.2YT
12.2YW
12.2YX
12.2YY
12.2YZ
12.2ZA
12.2ZB
12.2ZC
12.2ZD
12.2ZE
12.2ZH
12.2ZJ
12.2ZP
12.2ZU
12.2ZX
12.2ZY
12.2ZYA
12.3
12.3B
12.3BC
12.3BW
12.3T
12.3TPC
12.3XA
12.3XB
12.3XC
12.3XD
12.3XE
12.3XF
12.3XG
12.3XI
12.3XJ
12.3XK
12.3XL
12.3XQ
12.3XR
12.3XU
12.3XW
12.3XX
12.3XY
12.3XZ
12.3YD
12.3YF
12.3YG
12.3YI
12.3YJ
12.3YK
12.3YM
12.3YQ
12.3YS
12.3YT
12.3YU
12.3YX
12.3YZ
12.3ZA
12.4GC
12.4MR
12.4MRA
12.4MRB
12.4XA
12.4XB
12.4XC
12.4XD
12.4XE
12.4XF
12.4XG
12.4XJ
12.4XK
12.4XL
12.4XM
12.4XN
12.4XP
12.4XQ
12.4XR
12.4XT
12.4XV
12.4XW
12.4XY
12.4XZ
12.4YA
12.4YB
12.4YD
15.0MR
15.0MRA
15.0XA
15.1SNG
15.1XB
12.0SZ
12.2
12.2B
12.2BC
12.2BW
12.2BX
12.2BY
12.2BZ
12.2CX
12.2CY
12.2CZ
12.2DA
12.2DD
12.2DX
12.2EU
12.2EW
12.2EWA
12.2EX
12.2EZ
12.2FZ
12.2IRA
12.2IRB
12.2IRC
12.2IRD
12.2IRE
12.2IRF
12.2IRG
12.2IXA
12.2IXB
12.2IXC
12.2IXD
12.2IXE
12.2IXF
12.2IXG
12.2IXH
12.2MB
12.2MC
12.2MRA
12.2MRB
12.2S
12.2SBC
12.2SCA
12.2SCB
12.2SCC
12.2SCD
12.2SEA
12.2SEB
12.2SEC
12.2SED
12.2SEE
12.2SEG
12.2SGA
12.2SM
12.2SO
12.2SQ
12.2SRA
12.2SRB
12.2SRC
12.2SRD
12.2SU
12.2SVA
12.2SVC
12.2SVD
12.2SVE
12.2SW
12.2SX
12.2SXA
12.2SXB
12.2SXD
12.2SXE
12.2SXF
12.2SXH
12.2SZ
12.2T
12.2TPC
12.2XA
12.2XB
12.2XC
12.2XD
12.2XE
12.2XF
12.2XG
12.2XH
12.2XI
12.2XJ
12.2XK
12.2XL
12.2XM
12.2XO
12.2XQ
12.2XR
12.2XS
12.2XT
12.2XU
12.2XV
12.2XW
12.2YA
12.2YC
12.2YD
12.2YE
12.2YK
12.2YO
12.2YP
12.2YT
12.2YW
12.2YX
12.2YY
12.2YZ
12.2ZA
12.2ZB
12.2ZC
12.2ZD
12.2ZE
12.2ZH
12.2ZJ
12.2ZP
12.2ZU
12.2ZX
12.2ZY
12.2ZYA
12.3
12.3B
12.3BC
12.3BW
12.3T
12.3TPC
12.3XA
12.3XB
12.3XC
12.3XD
12.3XE
12.3XF
12.3XG
12.3XI
12.3XJ
12.3XK
12.3XL
12.3XQ
12.3XR
12.3XU
12.3XW
12.3XX
12.3XY
12.3XZ
12.3YD
12.3YF
12.3YG
12.3YI
12.3YJ
12.3YK
12.3YM
12.3YQ
12.3YS
12.3YT
12.3YU
12.3YX
12.3YZ
12.3ZA
12.4GC
12.4MR
12.4MRA
12.4MRB
12.4XA
12.4XB
12.4XC
12.4XD
12.4XE
12.4XF
12.4XG
12.4XJ
12.4XK
12.4XL
12.4XM
12.4XN
12.4XP
12.4XQ
12.4XR
12.4XT
12.4XV
12.4XW
12.4XY
12.4XZ
12.4YA
12.4YB
12.4YD
15.0MR
15.0MRA
15.0XA
15.1SNG
15.1XB
Cisco IOS XE	2.1.x
	2.1.x
	2.2.x
	2.2.x
	2.3.x
	2.3.x
	2.4.x
	2.4.x
	2.5.x
	2.5.x
	2.6.x
	2.6.x
	3.1.0sg
	3.1.0sg
	3.1.1sg
	3.1.1sg
	3.1.0s
	3.1.0s
	3.1.1s
	3.1.1s
	3.1.2s
	3.1.2s
	3.1.3s
	3.1.3s
	3.1.4s
	3.1.4s
	3.2.0s
	3.2.0s
	3.2.1s
	3.2.1s
	3.2.2s
	3.2.2s
	3.3.0s
	3.3.0s
	3.3.1s
	3.3.1s
	3.3.2s
	3.3.2s

References

Security Tracker: 1026868
CVE ID: 2012-0382 (see also: NVD)
Secunia Advisory ID: 48630 48633
Bugtraq ID: 52759
Packet Storm: http://packetstormsecurity.org/files/111292/Cisco-Security-Advisory-20120328-msdp.html
Vendor Specific Advisory URL: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-msdp

Credit

Not Available

CVSSv2 Score

CVSSv2 Base Score = 7.1
Source: nvd.nist.gov | Generated: 2012-03-29 | Disagree?

Comments

Add Comment Hide Add Comment

No Comments.

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.