This script is (C) 2010-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch.
A device running Cisco IOS software that has Internet Protocol version
6 (IPv6) enabled may be subject to a denial of service (DoS) attack.
For the device to be affected by this vulnerability the device also has
to have certain Internet Protocol version 4 (IPv4) User Datagram
Protocol (UDP) services enabled. To exploit this vulnerability an
offending IPv6 packet must be targeted to the device. Packets that are
routed throughout the router can not trigger this vulnerability.
Successful exploitation will prevent the interface from receiving any
additional traffic. The only exception is Resource Reservation Protocol
(RSVP) service, which if exploited, will cause the device to crash.
Only the interface on which the vulnerability was exploited will be
Cisco is providing fixed software to address this issue. There are
workarounds available to mitigate the effects of the vulnerability.
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 5.8
Public Exploit Available : false
Nessus Plugin ID: 49011 (cisco-sa-20080326-IPv4IPv6http.nasl)
Bugtraq ID: 28461
CVE ID: CVE-2008-1153
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.