Cisco Spoofed HSRP Loopback Denial Of Service Vulnerability

IOS is the Internet Operating System, used on Cisco routers. It is distributed and maintained by Cisco. Hot Standby Routing Protocol (HSRP) is a protocol used to allow multiple routers to dynamically act as backups in the event of router failure. HSRP traffic takes place over UDP port 1985.

A vulnerability has been reported in some versions of IOS. It may be possible for maliciously constructed HSRP traffic to create a loop condition, resulting in a denial of service attack.

It has been reported possible to cause this condition in version 12.1 of IOS. Other versions of IOS may share this vulnerability, this has not however been confirmed. This issue has been assigned Cisco Bug ID CSCdu38323.


 

Privacy Statement
Copyright 2010, SecurityFocus