• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Cisco Multiple Devices Crafted IP Option Multiple Remote Code Execution Vulnerability

Multiple Cisco switches and routers running Cisco IOS and Cisco IOS XR are prone to multiple remote code-execution vulnerabilities. These issues occur because the devices fail to handle specially crafted network packets.

An attacker can exploit these issues to execute arbitrary code within the context of the affected device. Failed exploit attempts will result in a denial of service.

These issues affect only devices that are configured to handle Internet Protocol version 4 (IPv4) packets. These issues do not affect devices that are configured to handle only Internet Protocol version 6 (IPV6) packets.

These issues are being tracked by Cisco Bug IDs CSCeh52410 and CSCec71950.