BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

Cisco IOS ICMP Denial of Service Vulnerability

Disclosed November 22, 2013    Zeroday : 250 days

Vulnerability Description:

A vulnerability exists within IOS that allows a remote, unauthenticated attacker to cause a denial of service condition to arise via maliciously crafted ICMP packets. This may cause IPSec tunnels to fail.

Vendors:

Cisco

Vulnerable Software/Devices:

Cisco IOS 15.2M and 15.2(4)M, earlier versions may be affected as well

Vulnerability Severity:

Medium

Exploit Availability:

No Exploit Available

Exploit Impact:

Denial of Service
Remote, unauthenticated attackers can send specially crafted ICMP packets which will change the already-configured MTU value of the tunnel interface. This will cause IPSec tunnels on the affected system to drop, thereby becoming unusable.

BeyondTrust Prevention and Detection:

BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.

  • 31618 - Cisco IOS Denial of Service Vulnerability (20131122) (Zero-Day)

Mitigation:

No mitigations are currently available. 

Links:

CVE(s):