Cisco IOS Software contains a vulnerability in the IP version 6
(IPv6) protocol stack implementation that could allow an
unauthenticated, remote attacker to cause a reload of an affected device
that has IPv6 operation enabled. The vulnerability is triggered when an
affected device processes a malformed IPv6 packet.
Cisco has released free software updates that address this
vulnerability. There are no workarounds to mitigate this vulnerability.
This advisory is posted at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110928-ipv6.

Note: The September 28, 2011, Cisco IOS Software
Security Advisory bundled publication includes ten Cisco Security Advisories.
Nine of the advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications Manager.
Each advisory lists the Cisco IOS Software releases that correct the
vulnerability or vulnerabilities detailed in the advisory as well as the Cisco
IOS Software releases that correct all vulnerabilities in the September 2011
Bundled Publication.
Individual publication links are in “Cisco Event Response:
Semiannual Cisco IOS Software Security Advisory Bundled Publication” at the
following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep11.html

Leave a Reply