Boletines de Vulnerabilidades

Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerability

Información sobre el sistema
   
Software afectado Cisco

Descripción
A vulnerability in the implementation of the virtual fragmentation reassembly (VFR) feature for IP version 6 (IPv6) in Cisco IOS Software could allow anunauthenticated, remote attacker to cause an affected device to hang or reload, resulting in a denial of service (DoS) condition.Thevulnerability is due to a race condition while accessing the reassemblyqueue for IPv6 fragments. An attacker could exploit this vulnerabilityby sending a crafted stream of valid IPv6 fragments. Repeatedexploitation

More info:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ipv6vfr?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20Software%20IPv6%20Virtual%20Fragmentation%20Reassembly%20Den

Identificadores estándar
Propiedad Valor
CVE CVE-2013-5474.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2013-09-26

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT