Carriers need to patch their big network iron
23 Feb 2015 at 05:57, Richard ChirgwinCisco has announced that NCS 6000 and Carrier Routing System (CRS-X) – heavy hunks of iron used in the service provider market – have an IPv6 software bug that needs patching.
The bug impacts the ways Cisco IOS XR units parse IPv6 packets and an attack exploiting the problem could result in a forced restart of the line card that's processing the traffic.
“An attacker could exploit this vulnerability by sending a malformed IPv6 packet, carrying extension headers, through an affected Cisco IOS XR device line card,” the company's advisory states. “This vulnerability could be exploited repeatedly to cause an extended DoS condition.”
Full Article