Cisco IOS IPv6 Processing Arbitrary Code Execution Vulnerability

The IPv6 processing functionality of Cisco IOS is prone to a vulnerability that allows a remote attacker to execute arbitrary code.

A successful attack may allow the attacker to execute arbitrary code and gain unauthorized access to the device. The attacker can also leverage this issue to cause an affected device to reload, denying service to legitimate users.

This issue may be related to BID 12368 (Cisco IOS IPv6 Processing Remote Denial Of Service Vulnerability).

Cisco has stated that exploits of this vulnerability in Cisco IOS XR may cause the IPv6 neighbor discovery process to restart. If exploited repeatedly, this could result in a prolonged denial of service affecting IPv6 traffic traveling through the device.


Privacy Statement
Copyright 2010, SecurityFocus