SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe remote Cisco device is running a version of Cisco IOS XR software that is potentially affected by a heap-based buffer overflow vulnerability in the GNU C Library (glibc) due to improperly validated user-supplied input to the __nss_hostname_digits_dots(), gethostbyname(), and gethostbyname2() functions. This allows a remote attacker to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code.
Note that this issue only affects Cisco Network Convergence System 6000 Series routers.
SolutionApply the relevant patch referenced in Cisco bug ID CSCus69517.