Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability - Cisco Systems

This script is (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

Cisco IOS Software Multi Protocol Label Switching (MPLS) Forwarding
Infrastructure (MFI) is vulnerable to a denial of service (DoS) attack
from specially crafted packets. Only the MFI is affected by this
vulnerability. Older Label Forwarding Information Base (LFIB)
implementation, which is replaced by MFI, is not affected.

Cisco has released free software updates that address this
vulnerability.

See also :

http://www.nessus.org/u?f9f25a71
http://www.nessus.org/u?3530bda4

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20080924-mfi.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.4
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 49022 (cisco-sa-20080924-mfihttp.nasl)

Bugtraq ID: 31360

CVE ID: CVE-2008-3804

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial