Multiple Crafted IPv6 Packets Cause Reload

This script is (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

Cisco Internetwork Operating System (IOS) Software is vulnerable to a
Denial of Service (DoS) attack from crafted IPv6 packets when the
device has been configured to process IPv6 traffic. This vulnerability
requires multiple crafted packets to be sent to the device which may
result in a reload upon successful exploitation.

Cisco has made free software available to address this vulnerability.
There are workarounds available to mitigate the effects.

See also :

http://www.nessus.org/u?068dfdf7
http://www.nessus.org/u?70f93db2

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20050126-ipv6.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.3
(CVSS2#E:U/RL:W/RC:C)
Public Exploit Available : false

Family: CISCO

Nessus Plugin ID: 48981 (cisco-sa-20050126-ipv6http.nasl)

Bugtraq ID: 12368

CVE ID: CVE-2005-0195