This script is (C) 2010-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch.
Cisco IOS and Cisco IOS XR contain a vulnerability when processing
specially crafted IPv6 packets with a Type 0 Routing Header present.
Exploitation of this vulnerability can lead to information leakage on
affected IOS and IOS XR devices, and may also result in a crash of the
affected IOS device. Successful exploitation on an affected device
running Cisco IOS XR will not result in a crash of the device itself,
but may result in a crash of the IPv6 subsystem.
Cisco has made free software available to address this vulnerability
for affected customers. There are workarounds available to mitigate the
effects of the vulnerability.
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
High / CVSS Base Score : 9.0
Nessus Plugin ID: 49006 (cisco-sa-20070808-IOS-IPv6-leak.nasl)
CVE ID: CVE-2007-4285