Cisco IOS Malformed IKE Packet Remote Denial Of Service Vulnerability

Cisco IOS has been reported prone to a remote denial of service vulnerability. It is reported that the issue will present itself when IOS is running on a Cisco Catalyst 6500 Series Switch or a Cisco 7600 Series Router that has a VPN Services Module (VPNSM) installed.

When one of the aforementioned appliances processes a malformed IKE packet, IOS will crash and reload.

**Update (March 30th 2005): The vendor reports that certain devices that do not have the VPN Services Module installed might also be affected by this vulnerability. It is reported that Cisco IOS devices with Crypto support will process IKE messages by default.


Privacy Statement
Copyright 2010, SecurityFocus