Cisco IOS IPv6 Packet Processing Arbitrary Code Execution (CSCef68324)

This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.

Synopsis :

The remote router contains a vulnerability which may allow an attacker to
execute arbitrary code on it.

Description :

The remote version of IOS is vulnerable to a code execution attack
when processing malformed IPv6 packets.

To exploit this flaw, an attacker would need to ability to send a malformed
packet from a local segment and may exploit this issue to cause the remote
device to reload repeatedly or to execute arbitrary code in the remote IOS.

See also :

Solution :

Cisco has made a set of patches available which are listed at the address above.

Risk factor :

Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 6.1
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 19771 (CSCef68324.nasl)

Bugtraq ID: 14414

CVE ID: CVE-2005-2451