Executive Summary
| Summary | |
|---|---|
| Title | Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability |
| Informations | |||
|---|---|---|---|
| Name | cisco-sa-20070228-mpls | First vendor Publication | 2007-02-02 |
| Vendor | Cisco | Last vendor Modification | 2007-02-28 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:A/AC:L/Au:N/C:N/I:N/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 6.1 | Attack Range | Adjacent network |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 6.5 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Cisco Catalyst 6500 series systems that are running certain versions of Cisco Internetwork Operating System (IOS) are vulnerable to an attack from a Multi Protocol Label Switching (MPLS) packet. Only the systems that are running in Hybrid Mode (Catalyst OS (CatOS) software on the Supervisor Engine and IOS Software on the Multilayer Switch Feature Card (MSFC)) or running with Cisco IOS Software Modularity are affected. |
Original Source
| Url : http://www.cisco.com/warp/public/707/cisco-sa-20070228-mpls.shtml |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:5869 | |||
| Oval ID: | oval:org.mitre.oval:def:5869 | ||
| Title: | Cisco 7600, Catalyst 6000 and 6500 MPLS Packet DoS Vulnerability | ||
| Description: | Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS packet. | ||
| Family: | ios | Class: | vulnerability |
| Reference(s): | CVE-2007-1258 | Version: | 1 |
| Platform(s): | Cisco IOS | Product(s): | |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Hardware | 1 | |
| Hardware | 1 | |
| Hardware | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 33067 | Cisco Catalyst Hybrid Mode Malformed MPLS Packet Remote DoS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-09-01 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20070228-mplshttp.nasl - Type : ACT_GATHER_INFO |
| 2007-03-01 | Name : The remote switch can be crashed remotely. File : CSCef90002.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 10:21:51 |
|
