SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#583638

Cisco IOS contains DoS vulnerability in MPLS packet processing

Overview

A denial-of-service vulnerability exists in Cisco's Internetwork Operating System (IOS). This vulnerability may allow attackers to conduct denial-of-service attacks on an affected device.

I. Description

Multi Protocol Label Switching (MPLS) is designed to increase the speed of IP packet-forwarding by applying labels to packets. These labels are then used by MPLS enabled routers to make packet forwarding decisions. The Cisco Internetwork Operating System (IOS) implementation of MPLS contains a vulnerability that allows malformed MPLS packets to cause an affected device to reload. Such packets can be sent by an unauthenticated attacker on a local network segment connected to a vulnerable device interface and may result in a denial-of-service condition.

According to the Cisco advisory, this vulnerability affects devices that do not have MPLS Traffic Engineering globally enabled. If MPLS Traffic Engineering is disabled, devices that are configured with an interface that has MPLS disabled are vulnerable to attack via that interface only.

Cisco identified that the following products are affected:

  • 2600 and 2800 series routers
  • 3600, 3700 and 3800 series routers
  • 4500 and 4700 series routers
  • 5300, 5350 and 5400 series Access Servers

II. Impact

By sending a specially crafted MPLS packet to an affected device, an unauthenticated attacker on a local network segment connected to a vulnerable device interface could cause the device to reload. Repeated exploitation of this vulnerability could lead to a sustained denial-of-service condition.

III. Solution

Upgrade

Please refer to the "Software Versions and Fixes" section of the Cisco Security Advisory for more information on upgrading.

Enable MPLS Traffic Engineering (MPLS TE)

Cisco strongly encourages that you upgrade to an unaffected version of the code. As a short term solution to mitigate against this vulnerability, Cisco recommends enabling MPLS Traffic Engineering (MPLS TE) globally. To apply this workaround, Cisco Express Forwarding (CEF) needs to be enabled on the device to enable MPLS TE.

CEF and MPLS TE can be enabled by the following commands.

    Router(config)# ip cef
    Router(config)# mpls traffic-eng tunnels

Having MPLS TE enabled will make the router immune to the attacks coming from any interface.

Systems Affected
VendorStatusDate NotifiedDate Updated
Cisco Systems Inc.Vulnerable26-Jan-2005

References


http://www.cisco.com/warp/public/707/cisco-sa-20050126-les.shtml
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/introint.htm#xtocid5
http://www.cisco.com/warp/public/732/Tech/mpls

Credit

This vulnerability was reported by the Cisco Systems Product Security Incident Response Team (PSIRT).

This document was written by Damon Morda.

Other Information

Date Public:2005-01-26
Date First Published:2005-01-26
Date Last Updated:2005-01-26
CERT Advisory: 
CVE-ID(s): 
NVD-ID(s): 
US-CERT Technical Alerts: 
Metric:21.24
Document Revision:29

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Copyright 2005 Carnegie Mellon University
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader