2012-09-27 02:55:01 2017-08-29 03:32:20

The DHCPv6 server in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x, 3.1.xS before 3.1.4S, 3.1.xSG and 3.2.xSG before 3.2.5SG, 3.2.xS, 3.2.xXO, 3.3.xS, and 3.3.xSG before 3.3.1SG allows remote attackers to cause a denial of service (device reload) via a malformed DHCPv6 packet, aka Bug ID CSCto57723.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE
Cisco IOS 12.3JEA Cisco IOS 12.3 (7)JX Cisco IOS 12.3JED Cisco IOS 12.3JEC Cisco IOS 12.3 (7)T Cisco IOS 15.0 (1)SE Cisco IOS 12.3 (5)B1 Cisco IOS 12.3 (11)YW Cisco IOS 12.4 (23) Cisco IOS 12.3 (8)YD Cisco IOS 12.3(11)YK2 Cisco IOS 12.3JL Cisco IOS 12.3 (11)YK1 Cisco IOS 12.3 (2)JA Cisco IOS 12.3JX Cisco IOS XE 3.3.2s Cisco IOS 12.4 MD Cisco IOS 12.3 (13b) Cisco IOS 12.3 (11)T Cisco IOS 12.3 (13a) Cisco IOS 12.3YZ Cisco IOS 12.3YX Cisco IOS 12.3 (2)XA4 Cisco IOS 12.3 YW Cisco IOS 12.3 (2)XA5 Cisco IOS 12.3YU Cisco IOS 12.3YT Cisco IOS 12.3YS Cisco IOS 12.4 (1) Cisco IOS XE 3.1.1s Cisco IOS 12.3ZA Cisco IOS 12.3 (2)JK Cisco IOS 12.3 (11)YN Cisco IOS 12.4(6)T Cisco IOS 12.3 (11)YF Cisco IOS 12.3JA Cisco IOS 12.3 (7)JA Cisco IOS 12.3 (14)T5 Cisco IOS 12.4(11)MD Cisco IOS 12.3 (14)T4 Cisco IOS XE 2.4.4 Cisco IOS XE 2.4.2 Cisco IOS XE 2.4.3 Cisco IOS 15.2 Cisco IOS 12.3 (14)T2 Cisco IOS XE 3.3.0s Cisco IOS 12.4(24)MDA Cisco IOS 15.0 Cisco IOS 15.1 Cisco IOS 12.3 (14)YM4 Cisco IOS 12.3 (8)JA Cisco IOS XE 2.4.0 Cisco IOS 12.3 (7.7) Cisco IOS 12.3 (12b) Cisco IOS XE 2.4.1 Cisco IOS 12.4 (1b) Cisco IOS XE 2.3.1t Cisco IOS 12.3 (8)YF Cisco IOS 12.3 (2)XC4 Cisco IOS 12.3 (8)YG Cisco IOS 12.3 (8)YH Cisco IOS 12.3 (4)XK1 Cisco IOS 12.3 (8)YI Cisco IOS 12.3 (13a)BC1 Cisco IOS XE 3.2.2SG Cisco IOS 12.4(3)T2 Cisco IOS XE 3.3.1s Cisco IOS 12.3 (4)XK3 Cisco IOS 12.3 (2)XC1 Cisco IOS 12.3 (4)XK4 Cisco IOS 12.3 (2)XC2 Cisco IOS 12.3 (2)XC3 Cisco IOS 12.3 (7)JA1 Cisco IOS 12.3 (13a)BC Cisco IOS 12.4 (2)T2 Cisco IOS XE 2.1.1 Cisco IOS 12.4 MDA Cisco IOS 12.4 (2)T3 Cisco IOS XE 2.1.2 Cisco IOS 12.3 (8)XU2 Cisco IOS 12.4 (2)T1 Cisco IOS 12.4(24)MD4 Cisco IOS 12.4XW Cisco IOS 12.4(24)MD3 Cisco IOS 12.3 (5a)B2 Cisco IOS 12.4XV Cisco IOS 12.4(24)MD2 Cisco IOS 12.4 (2)MR1 Cisco IOS 12.3 (4)XD Cisco IOS 12.4(24)MD1 Cisco IOS 12.4XT Cisco IOS 12.3 (2)JK1 Cisco IOS 12.4XR Cisco IOS 12.3 (4)XH Cisco IOS 12.4XQ Cisco IOS XE 2.1.0 Cisco IOS 12.4YA Cisco IOS 12.4 MDB Cisco IOS 12.4(22)MD Cisco IOS 12.3 (11)YF2 Cisco IOS 12.3 (11)YF3 Cisco IOS 12.3 (8)YG1 Cisco IOS 12.3 (8)YG2 Cisco IOS 12.4XZ Cisco IOS 12.3 (8)YG3 Cisco IOS 12.4XY Cisco IOS XE 3.2.4SG Cisco IOS 12.3 (4)XQ Cisco IOS 12.3B Cisco IOS 12.4YG Cisco IOS 12.3 (5f) Cisco IOS 12.4YE Cisco IOS 12.4(4)MR Cisco IOS 12.3 (5a)B5 Cisco IOS 12.4YD Cisco IOS 12.4YB Cisco IOS 12.3 (4)XK Cisco IOS 12.4(3d) Cisco IOS 12.4GC Cisco IOS 12.3 (6f) Cisco IOS 12.3 (9a)BC Cisco IOS 12.3 (4)JA1 Cisco IOS XE 3.2.2s Cisco IOS 12.3 (2)XE3 Cisco IOS 12.3 (2)XE4 Cisco IOS 12.3 (5e) Cisco IOS 12.3 (11)YF4 Cisco IOS 12.3VA Cisco IOS 12.3 (7)T12 Cisco IOS 12.4XP Cisco IOS 12.4XN Cisco IOS 12.4XM Cisco IOS 12.3 (4)TPC11a Cisco IOS 12.3 (5a) Cisco IOS XE 2.6.2 Cisco IOS 12.4(15)MD Cisco IOS 12.3 (4)JA Cisco Ios xe 2.1 (not an official CPE) Cisco IOS XE 2.6.0 Cisco Ios xe 2.2 (not an official CPE) Cisco IOS XE 2.6.1 Cisco Ios xe 2.3 (not an official CPE) Cisco IOS 12.3 (8)YI1 Cisco IOS XE 3.1.1SG Cisco IOS 12.3 (7)T8 Cisco IOS 12.3 (7)T9 Cisco IOS 12.3 (7)T10 Cisco Ios xe 2.4 (not an official CPE) Cisco IOS 12.3 (8)YI3 Cisco IOS 12.3 (14)YQ3 Cisco IOS 12.3 (14)YQ1 Cisco IOS 12.4 (3b) Cisco IOS 12.4JMA Cisco IOS 12.3T Cisco IOS 12.3 (14)YQ4 Cisco IOS 12.3 (7)XI7 Cisco IOS 12.4JMB Cisco IOS 12.4(2)XB2 Cisco IOS 12.3 (12e) Cisco IOS 12.3J Cisco IOS 12.4(9)T Cisco IOS 12.3 (7)XI3 Cisco IOS 12.3 (7)XI4 Cisco IOS 12.3 (6a) Cisco IOS 12.4MRA Cisco IOS 12.3 (8)XY4 Cisco IOS 12.4(6)T1 Cisco IOS 12.3 (8)XY5 Cisco IOS XE 2.3.0 Cisco IOS 12.3 (8)XY6 Cisco IOS 12.3 (4)T Cisco IOS 12.3BC Cisco IOS 12.4 (2)T Cisco IOS 12.3 (10d) Cisco IOS XE 3.1.0s Cisco IOS 12.3 (2)T8 Cisco IOS 12.3 (15) Cisco IOS 12.3 (14)YQ Cisco IOS 12.3 (14)YT Cisco IOS XE 2.3.1 Cisco IOS XE 2.3.2 Cisco IOS 12.3 (6d) Cisco IOS 12.3BW Cisco IOS XE 3.3.0SG Cisco IOS 12.3 (5b) Cisco IOS 12TPC Cisco IOS 12.3 (4)XQ1 Cisco IOS 12.3 (10c) Cisco IOS 12.3 (11)YS1 Cisco IOS 12.3 (2)T3 Cisco IOS 12.3 (16) Cisco IOS 12.4 (3a) Cisco IOS 12.4(8) Cisco IOS 12.3 (7)T4 Cisco IOS XE 3.3.3S Cisco IOS 12.3 (8)T11 Cisco IOS 12.3 (3i) Cisco IOS 12.3 (4)XD1 Cisco IOS 12.3 (4)XD2 Cisco IOS 12.3 (9a)BC7 Cisco IOS 12.3 (9a)BC6 Cisco IOS 12.4(24)MD Cisco IOS 12.4(7) Cisco IOS 12.4(5b) Cisco IOS 12.3 (8)T4 Cisco IOS 12.3 (8)T7 Cisco IOS 12.3 (4)EO1 Cisco IOS 12.3 (8)T8 Cisco IOS 12.3 (13) Cisco IOS 12.3 (9a)BC2 Cisco IOS 12.3 (14)YU1 Cisco IOS 12.3 (11)T9 Cisco IOS 12.3 (10e) Cisco IOS 12.3 (9) Cisco IOS 12.4 (2)MR Cisco IOS 12.3 (8)T9 Cisco IOS 12.3 (14)YU Cisco IOS 12.4MR Cisco IOS 12.3 (11)T4 Cisco IOS 12.3 (11)XL3 Cisco IOS XE 3.2.0xo Cisco IOS 12.3 (14)T Cisco IOS 12.3 (11)T5 Cisco IOS 12.3 (11)T6 Cisco IOS 12.3 (11)T8 Cisco IOS 12.3 (14)YT1 Cisco IOS 12.3XM Cisco IOS 12.3 (15b) Cisco IOS 12.3XL Cisco IOS 12.3XK Cisco IOS 12.3XJ Cisco IOS XE 2.5.1 Cisco IOS XE 2.5.2 Cisco IOS XE 3.1.0SG Cisco IOS 12.4 (4)T Cisco IOS 12.3 (5a)b Cisco IOS 12.3 (8)JA1 Cisco IOS XE 3.2.1s Cisco IOS 12.4 (5) Cisco IOS 12.3 (11) Cisco IOS 12.3 Cisco IOS 12.4 Cisco IOS XE 2.5.0 Cisco IOS 12.3 (9d) Cisco IOS 12.3 (3h) Cisco IOS 12.4(22)MDA Cisco IOS XE 3.2.0SG Cisco IOS 12.3 (4)XE4 Cisco IOS 12.3 (12) Cisco IOS 12.3 (2)JA5 Cisco IOS 12.3 (9e) Cisco IOS 12.4 (24)T1 Cisco IOS 12.3JEB Cisco IOS 12.3JK Cisco IOS 12.3 (11)YS Cisco IOS 12.4 (1c) Cisco IOS 12.3 (11)YR Cisco IOS 12.3 (5c) Cisco IOS 12.3XN Cisco IOS 12.3 (6e) Cisco IOS 12.4JA Cisco IOS 12.3XQ Cisco IOS 12.3XB Cisco IOS 12.3XC Cisco IOS 12.3XD Cisco IOS 12.3XE Cisco IOS 12.3XF Cisco IOS 12.4(2)T4 Cisco IOS 12.3XG Cisco IOS 12.3XH Cisco IOS 12.3XI Cisco IOS 12.3 (4)XG1 Cisco IOS XE 3.1.3s Cisco IOS 12.3 (4)XG5 Cisco IOS 12.3 (10) Cisco IOS 12.3 (4)T8 Cisco IOS 12.3 (4)XG4 Cisco IOS XE 3.2.0s Cisco IOS 12.3XA Cisco IOS 12.3 (4)XG2 Cisco IOS 12.3 (11)XL Cisco IOS XE 3.2.0SG Cisco IOS 12.3(5) Cisco IOS 12.3YK Cisco IOS 12.3YL Cisco IOS 12.3YM Cisco IOS 12.3YN Cisco IOS XE 2.2.3 Cisco IOS 12.4 (2)XA Cisco IOS XE 2.2.2 Cisco IOS 12.3 (8)YA1 Cisco IOS 12.3YQ Cisco IOS 12.4 (2)XB Cisco IOS 12.3YR Cisco IOS 12.3 (4)T3 Cisco IOS 12.3YC Cisco IOS 12.3 (4)T4 Cisco IOS 12.4 (3) Cisco IOS 12.3YD Cisco IOS 12.3 (4)T1 Cisco IOS 12.3YE Cisco IOS 12.3 (4)T2 Cisco IOS 12.3YF Cisco IOS 12.3 (7)XR3 Cisco IOS 12.3YG Cisco IOS 12.3YH Cisco IOS 12.4JX Cisco IOS XE 3.2.3SG Cisco IOS 12.3YI Cisco IOS 12.3 (7)XR4 Cisco IOS 12.3YJ Cisco IOS 12.3XZ Cisco IOS 12.4JK Cisco IOS 12.4JL Cisco IOS XE 3.1.2s Cisco IOS 12.4(4)T2 Cisco IOS 12.3YA Cisco IOS 12.3YB Cisco IOS 12.3 (3e) Cisco IOS 12.3XR Cisco IOS 12.3(11)YL Cisco IOS 12.3XS Cisco IOS 12.3 (1a) Cisco IOS 12.3 (11)YK Cisco IOS 12.4(7a) Cisco IOS 12.3XT Cisco IOS 12.3 (11)YJ Cisco IOS 12.3XU Cisco IOS 12.3XV Cisco IOS 12.3XW Cisco IOS 12.3 (6) Cisco IOS 12.3XX Cisco IOS 12.3XY Cisco IOS 12.3 (7)XR6 Cisco IOS 12.4JDA Cisco IOS XE 2.2.1 Cisco IOS 12.4JDD Cisco IOS 12.4JDC

Improper Input Validation (ID 20)

Related CAPEC 58 Buffer Overflow via Environment Variables (CAPEC-ID 10) Server Side Include (SSI) Injection (CAPEC-ID 101) Cross Zone Scripting (CAPEC-ID 104) Cross Site Scripting through Log Files (CAPEC-ID 106) Command Line Execution through SQL Injection (CAPEC-ID 108) Object Relational Mapping Injection (CAPEC-ID 109) SQL Injection through SOAP Parameter Tampering (CAPEC-ID 110) Subverting Environment Variable Values (CAPEC-ID 13) Format String Injection (CAPEC-ID 135) LDAP Injection (CAPEC-ID 136) Relative Path Traversal (CAPEC-ID 139) Client-side Injection-induced Buffer Overflow (CAPEC-ID 14) Variable Manipulation (CAPEC-ID 171) Embedding Scripts in Non-Script Elements (CAPEC-ID 18) Flash Injection (CAPEC-ID 182) Cross-Site Scripting Using Alternate Syntax (CAPEC-ID 199) Exploiting Trust in Client (aka Make the Client Invisible) (CAPEC-ID 22) XML Nested Payloads (CAPEC-ID 230) XML Oversized Payloads (CAPEC-ID 231) Filter Failure through Buffer Overflow (CAPEC-ID 24) Cross-Site Scripting via Encoded URI Schemes (CAPEC-ID 244) XML Injection (CAPEC-ID 250) Environment Variable Manipulation (CAPEC-ID 264) Global variable manipulation (CAPEC-ID 265) Leverage Alternate Encoding (CAPEC-ID 267) Fuzzing (CAPEC-ID 28) Using Leading 'Ghost' Character Sequences to Bypass Input Filters (CAPEC-ID 3) Accessing/Intercepting/Modifying HTTP Cookies (CAPEC-ID 31) Embedding Scripts in HTTP Query Strings (CAPEC-ID 32) MIME Conversion (CAPEC-ID 42) Exploiting Multiple Input Interpretation Layers (CAPEC-ID 43) Buffer Overflow via Symbolic Links (CAPEC-ID 45) Overflow Variables and Tags (CAPEC-ID 46) Buffer Overflow via Parameter Expansion (CAPEC-ID 47) Signature Spoof (CAPEC-ID 473) XML Client-Side Attack (CAPEC-ID 484) Embedding NULL Bytes (CAPEC-ID 52) Postfix, Null Terminate, and Backslash (CAPEC-ID 53) Simple Script Injection (CAPEC-ID 63) Using Slashes and URL Encoding Combined to Bypass Validation Logic (CAPEC-ID 64) SQL Injection (CAPEC-ID 66) String Format Overflow in syslog() (CAPEC-ID 67) Blind SQL Injection (CAPEC-ID 7) Using Unicode Encoding to Bypass Validation Logic (CAPEC-ID 71) URL Encoding (CAPEC-ID 72) User-Controlled Filename (CAPEC-ID 73) Using Escaped Slashes in Alternate Encoding (CAPEC-ID 78) Using Slashes in Alternate Encoding (CAPEC-ID 79) Buffer Overflow in an API Call (CAPEC-ID 8) Using UTF-8 Encoding to Bypass Validation Logic (CAPEC-ID 80) Web Logs Tampering (CAPEC-ID 81) XPath Injection (CAPEC-ID 83) AJAX Fingerprinting (CAPEC-ID 85) Embedding Script (XSS) in HTTP Headers (CAPEC-ID 86) OS Command Injection (CAPEC-ID 88) Buffer Overflow in Local Command-Line Utilities (CAPEC-ID 9) XSS in IMG Tags (CAPEC-ID 91) XML Parser Attack (CAPEC-ID 99)