The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer vulnerability CVE-2016-6379

Cisco IOS, IOS XE: denial of service via IPDR

Synthesis of the vulnerability

An attacker can send a malicious IPDR packet to Cisco IOS or IOS XE, in order to trigger a denial of service.
Impacted products: Cisco Catalyst, IOS by Cisco, IOS XE Cisco, Cisco Router.
Severity: 2/4.
Creation date: 29/09/2016.
Identifiers: CERTFR-2016-AVI-322, cisco-sa-20160928-ipdr, CSCuu35089, CVE-2016-6379, VIGILANCE-VUL-20725.

Description of the vulnerability

The Cisco IOS or IOS XE product has a service to manage received IPDR (IP Detail Record) packets.

However, when a malicious packet is received, a fatal error occurs.

An attacker can therefore send a malicious IPDR packet to Cisco IOS or IOS XE, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a computer vulnerability note. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.