Vulnerability Note VU#274760
Cisco IOS fails to properly process specially crafted IPv6 packets
Cisco IOS fails to properly process IPv6 packets with specially crafted routing headers. Successful exploitation of this vulnerability may allow an attacker to execute code, or create a denial-of-service condition.
Internet Protocol version 6 (IPv6) is a IP standard that is designed to replace the Internet Protocol version 4 (IPv4). IPv6 Type 0 Routing headers can store multiple addresses and are processed by routers for generalized source routing.
Cisco IOS software contains a vulnerability that occurs when proccessing IPv6 Type 0 Routing headers. An attacker may be able to trigger this vulnerability by sending an IP packet with a speciallly crafted IPv6 Type 0 Routing header to a vulnerable system.
A remote unauthenticated attacker may be able to execute arbitrary code on an affected device, or create a denial of service condition.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Cisco Systems, Inc.||Affected||-||24 Jan 2007|
CVSS Metrics (Learn More)
Thanks to Cisco for information used in this report.
This document was written by Ryan Giobbi.
- CVE IDs: Unknown
- Date Public: 24 Jan 2007
- Date First Published: 24 Jan 2007
- Date Last Updated: 25 Jan 2008
- Severity Metric: 5.94
- Document Revision: 26
If you have feedback, comments, or additional information about this vulnerability, please send us email.