ID CVE-2005-0197
Summary Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface.
References
Vulnerable Configurations
  • Cisco IOS 12.1T
    cpe:2.3:o:cisco:ios:12.1t
  • Cisco IOS 12.2
    cpe:2.3:o:cisco:ios:12.2
  • Cisco IOS 12.2T
    cpe:2.3:o:cisco:ios:12.2t
  • Cisco IOS 12.3
    cpe:2.3:o:cisco:ios:12.3
  • Cisco IOS 12.3T
    cpe:2.3:o:cisco:ios:12.3t
CVSS
Base: 6.1 (as of 03-06-2005 - 17:56)
Impact:
Exploitability:
CWE CWE-16
CAPEC
Access
VectorComplexityAuthentication
ADJACENT_NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
  • NASL family CISCO
    NASL id CISCO-SA-20050126-LESHTTP.NASL
    description Cisco Routers running Internetwork Operating System (IOS) that supports Multi Protocol Label Switching (MPLS) are vulnerable to a Denial of Service (DoS) attack on interfaces where MPLS is not configured. A system that supports MPLS is vulnerable even if that system is not configured for MPLS. The vulnerability is only present in Cisco IOS release trains based on 12.1T, 12.2, 12.2T, 12.3 and 12.3T. Releases based on 12.1 mainline, 12.1E and all releases prior to 12.1 are not vulnerable. Cisco has made free software available to address this vulnerability. There are workarounds available to mitigate the effects.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 48982
    published 2010-09-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48982
    title Crafted Packet Causes Reload on Cisco Routers
  • NASL family CISCO
    NASL id CSCEB56909.NASL
    description The remote version of IOS is vulnerable to a denial of service attack when processing malformed MPLS packets. If IPv6 is enabled, an attacker may exploit this flaw to prevent the router from working properly.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 17630
    published 2005-03-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17630
    title Cisco IOS Multi Protocol Label Switching (MPLS) Packet Remote DoS (CSCeb56909)
oval via4
accepted 2008-09-08T04:00:33.660-04:00
class vulnerability
contributors
name Yuzheng Zhou
organization Hewlett-Packard
description Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface.
family ios
id oval:org.mitre.oval:def:5662
status accepted
submitted 2008-05-26T11:06:36.000-04:00
title Cisco IOS Routers MPLS Reset Denial of Service Vulnerability
version 3
refmap via4
bid 12369
cert TA05-026A
cert-vn VU#583638
cisco 20050126 Crafted Packet Causes Reload on Cisco Routers
sectrack 1013015
secunia 14031
xf cisco-ios-mpls-dos(19071)
Last major update 04-03-2009 - 00:29
Published 02-05-2005 - 00:00
Last modified 10-10-2017 - 21:29
Back to Top