[82814] in North American Network Operators' Group
Cisco Security Advisory: IPv6 Crafted Packet Vulnerability
daemon@ATHENA.MIT.EDU (Fergie (Paul Ferguson))
Fri Jul 29 09:41:01 2005
From: "Fergie (Paul Ferguson)" <fergdawg@netzero.net>
Date: Fri, 29 Jul 2005 13:38:19 GMT
To: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
Got v6?
- ferg
[snip]
Summary
Cisco Internetwork Operating System (IOSŪ) Software is vulnerable to a Denial of Service (DoS) and potentially an arbitrary code execution attack from a specifically crafted IPv6 packet. The packet must be sent from a local network segment. Only devices that have been explicitly configured to process IPv6 traffic are affected. Upon successful exploitation, the device may reload or be open to further exploitation.
Cisco has made free software available to address this vulnerability for all affected customers.
This advisory will be posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml
[snip]
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg@netzero.net or fergdawg@sbcglobal.net
ferg's tech blog: http://fergdawg.blogspot.com/
