Information Leakage Using IPv6 Routing Header in Cisco IOS XR (cisco-sa-20070808-IOS-IPv6-leak)

This script is (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

Cisco IOS XR contains a vulnerability when processing specially crafted
IPv6 packets with a Type 0 Routing Header present. Exploitation of
this vulnerability leads to information leakage on affected IOS and
IOS XR devices, and can also result in a crash of the affected IOS
device. Successful exploitation on an affected device running Cisco
IOS XR will not result in a crash of the device itself, but may result
in a crash of the IPv6 subsystem.

Cisco has made free software available to address this vulnerability
for affected customers. There are workarounds available to mitigate
the effects of the vulnerability.

See also :

http://www.nessus.org/u?b2a79cc3
http://www.nessus.org/u?d1931780

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20070808-IOS-IPv6-leak.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: CISCO

Nessus Plugin ID: 71432

Bugtraq ID:

CVE ID: CVE-2007-4285