IPv6 Routing Header Vulnerability

This script is (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

Processing a specially crafted IPv6 Type 0 Routing header can crash a
device running Cisco IOS software. This vulnerability does not affect
IPv6 Type 2 Routing headers which are used in mobile IPv6. IPv6 is not
enabled by default in Cisco IOS.
Cisco has made free software available to address this vulnerability
for affected customers.

See also :

http://www.nessus.org/u?ffa2c05c

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20070124-IOS-IPv6.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: CISCO

Nessus Plugin ID: 48998 (cisco-sa-20070124-IOS-IPv6http.nasl)

Bugtraq ID:

CVE ID: CVE-2007-0481