CVE-2018-0136

N/A

A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800.

N/A

输入验证不恰当

Cisco Aggregation Services Router 9000 Series Cisco IOS XR Software 安全漏洞

Cisco Aggregation Services Router（ASR）9000 Series是美国思科（Cisco）公司的9000系列无线控制器产品。Cisco IOS XR Software是其中的一套模块化、分布式的网络操作系统。 Cisco Aggregation Services Router (ASR) 9000 Series中的Cisco IOS XR Software 5.3.4版本的IPv6子系统存在拒绝服务漏洞，该漏洞源于程序没有正确的处理IPv6数据包。当路由器安装有基于Trid

N/A

N/A