Cisco IOS XR DHCPv6 Multiple DoS Vulnerabilities

This script is (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing vendor-supplied security patches.

Description :

The remote Cisco device is running a version of Cisco IOS XR software
that is affected by multiple denial of service vulnerabilities related
to the incorrect handling of malformed DHCPv6 packets.

See also :

http://www.nessus.org/u?63ac2b67
http://www.nessus.org/u?e6302e8a

Solution :

Apply the relevant patches referenced in Cisco bug IDs CSCul80924,
CSCum85558, CSCum20949, CSCul61849, and CSCul71149.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 76971 ()

Bugtraq ID: 67488
67492

CVE ID: CVE-2014-3270
CVE-2014-3271