ID CVE-2007-1258
Summary Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS packet.
References
Vulnerable Configurations
  • Cisco Catalyst 6000
    cpe:2.3:h:cisco:catalyst_6000
  • Cisco Catalyst 6500
    cpe:2.3:h:cisco:catalyst_6500
  • Cisco Catalyst 7600
    cpe:2.3:h:cisco:catalyst_7600
  • Cisco Catalyst 6500
    cpe:2.3:h:cisco:catalyst_6500
  • Cisco IOS 12.2(18)SXF4
    cpe:2.3:o:cisco:ios:12.2%2818%29sxf4
  • Cisco IOS 12.2SXA
    cpe:2.3:o:cisco:ios:12.2sxa
  • Cisco IOS 12.2SXB
    cpe:2.3:o:cisco:ios:12.2sxb
  • Cisco IOS 12.2SXD
    cpe:2.3:o:cisco:ios:12.2sxd
  • Cisco IOS 12.2SXF
    cpe:2.3:o:cisco:ios:12.2sxf
CVSS
Base: 6.1 (as of 07-03-2007 - 11:14)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
ADJACENT_NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
  • NASL family CISCO
    NASL id CISCO-SA-20070228-MPLSHTTP.NASL
    description Cisco Catalyst 6500 series systems that are running certain versions of Cisco Internetwork Operating System (IOS) are vulnerable to an attack from a Multi Protocol Label Switching (MPLS) packet. Only the systems that are running in Hybrid Mode (Catalyst OS (CatOS) software on the Supervisor Engine and IOS Software on the Multilayer Switch Feature Card (MSFC)) or running with Cisco IOS Software Modularity are affected. MPLS packets can only be sent from the local network segment.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 49001
    published 2010-09-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49001
    title Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability
  • NASL family CISCO
    NASL id CSCEF90002.NASL
    description The remote host is a CISCO Catalyst 6500 switch containing a version of IOS that is affected by a denial of service vulnerability when processing malformed MPLS packets. An attacker may exploit this flaw to crash the remote device.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 24736
    published 2007-03-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24736
    title Cisco Catalyst Hybrid Mode Malformed MPLS Packet Remote DoS (CSCsd37415, CSCef90002)
oval via4
accepted 2008-09-08T04:00:56.733-04:00
class vulnerability
contributors
name Yuzheng Zhou
organization Hewlett-Packard
description Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS packet.
family ios
id oval:org.mitre.oval:def:5869
status accepted
submitted 2008-05-26T11:06:36.000-04:00
title Cisco 7600, Catalyst 6000 and 6500 MPLS Packet DoS Vulnerability
version 3
refmap via4
cisco 20070228 Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability
osvdb 33067
sectrack 1017709
secunia 24348
vupen ADV-2007-0782
xf cisco-catalyst-mpls-dos(32748)
Last major update 07-03-2011 - 21:51
Published 03-03-2007 - 15:19
Last modified 10-10-2017 - 21:31
Back to Top