Executive Summary
Summary | |
---|---|
Title | Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20080924-mfi | First vendor Publication | 2008-07-25 |
Vendor | Cisco | Last vendor Modification | 2008-09-24 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.1 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Cisco IOS Software Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) is vulnerable to a Denial of Service (DoS) attack from specially crafted packets. Only the MFI is affected by this vulnerability. Older Label Forwarding Information Base (LFIB) implementation, which is replaced by MFI, is not affected. Cisco has released free software updates that address this vulnerability. |
Original Source
Url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0 (...) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5619 | |||
Oval ID: | oval:org.mitre.oval:def:5619 | ||
Title: | Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability | ||
Description: | Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used. | ||
Family: | ios | Class: | vulnerability |
Reference(s): | CVE-2008-3804 | Version: | 1 |
Platform(s): | Cisco IOS | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 2 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
48741 | Cisco IOS MFI Implementation MPLS Packet Handling Remote DoS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-09-01 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20080924-mfihttp.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 10:21:54 |
|