nanog mailing list archives

Cisco Security Advisory: IPv6 Crafted Packet Vulnerability

From: "Fergie (Paul Ferguson)" <fergdawg () netzero net>
Date: Fri, 29 Jul 2005 13:38:19 GMT



Got v6?

- ferg

[snip]

Summary

Cisco Internetwork Operating System (IOS®) Software is vulnerable to a Denial of Service (DoS) and potentially an 
arbitrary code execution attack from a specifically crafted IPv6 packet. The packet must be sent from a local network 
segment. Only devices that have been explicitly configured to process IPv6 traffic are affected. Upon successful 
exploitation, the device may reload or be open to further exploitation.

Cisco has made free software available to address this vulnerability for all affected customers.

This advisory will be posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml

[snip]


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/

Current thread:

Cisco Security Advisory: IPv6 Crafted Packet Vulnerability Cisco Systems Product Security Incident Response Team (Jul 29)
- <Possible follow-ups>
- Cisco Security Advisory: IPv6 Crafted Packet Vulnerability Fergie (Paul Ferguson) (Jul 29)