Cisco IOS 12.0 IPv6 Remote DoS

High Nessus Network Monitor Plugin ID 2558

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote Cisco device has enabled IPv6. On many Cisco devices, it may be possible to make the remote device crash when sending it malformed IPv6 packets. These vulnerabilities would allow a remote attacker to potentially cause the Cisco machine to reboot repeatedly, causing a loss of availability.

Solution

Ensure that IPv6 functionality is required and then ensure that a patched version of Cisco IOS is installed.

See Also

http://www.cisco.com/warp/public/707/cisco-sa-20050126-ipv6.shtml

Plugin Details

Severity: High

ID: 2558

File Name: 2558.prm

Family: Generic

Published: 2005/01/26

Modified: 2016/02/05

Dependencies: 1107

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.8

Temporal Score: 6.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:U/RL:W/RC:C

CVSSv3

Base Score: 7.5

Temporal Score: 6.6

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS3#E:U/RL:W/RC:C

Reference Information

BID: 12368