ID CVE-2008-3804
Summary Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used.
References
Vulnerable Configurations
  • cpe:2.3:h:cisco:ios:12.2
    cpe:2.3:h:cisco:ios:12.2
  • cpe:2.3:h:cisco:ios:12.4
    cpe:2.3:h:cisco:ios:12.4
CVSS
Base: 7.1 (as of 29-09-2008 - 15:53)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
NASL family CISCO
NASL id CISCO-SA-20080924-MFIHTTP.NASL
description Cisco IOS Software Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) is vulnerable to a denial of service (DoS) attack from specially crafted packets. Only the MFI is affected by this vulnerability. Older Label Forwarding Information Base (LFIB) implementation, which is replaced by MFI, is not affected. Cisco has released free software updates that address this vulnerability.
last seen 2019-02-21
modified 2018-11-15
plugin id 49022
published 2010-09-01
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=49022
title Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability - Cisco Systems
oval via4
accepted 2008-12-22T04:00:08.252-05:00
class vulnerability
contributors
name Yuzheng Zhou
organization Hewlett-Packard
description Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used.
family ios
id oval:org.mitre.oval:def:5619
status accepted
submitted 2008-09-24T11:06:36.000-04:00
title Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability
version 5
refmap via4
cisco 20080924 Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability
sectrack 1020934
secunia 31990
vupen ADV-2008-2670
Last major update 29-10-2012 - 23:15
Published 26-09-2008 - 12:21
Last modified 28-09-2017 - 21:31
Back to Top