Details of VAR-E-200507-0340

ID

VAR-E-200507-0340

CVE

cve_id:

CVE-2005-2451

Trust: 0.3

sources: BID: 14414

TITLE

Cisco IOS IPv6 Processing Arbitrary Code Execution Vulnerability

Trust: 0.3

sources: BID: 14414

DESCRIPTION

The IPv6 processing functionality of Cisco IOS is prone to a vulnerability that allows a remote attacker to execute arbitrary code.
A successful attack may allow the attacker to execute arbitrary code and gain unauthorized access to the device. The attacker can also leverage this issue to cause an affected device to reload, denying service to legitimate users.
This issue may be related to BID 12368 (Cisco IOS IPv6 Processing Remote Denial Of Service Vulnerability).
Cisco has stated that exploits of this vulnerability in Cisco IOS XR may cause the IPv6 neighbor discovery process to restart. If exploited repeatedly, this could result in a prolonged denial of service affecting IPv6 traffic traveling through the device.

Trust: 0.3

sources: BID: 14414

AFFECTED PRODUCTS

vendor:	cisco	model:	ios 12.3	scope:	ne	version:	-	Trust: 2.4
vendor:	cisco	model:	ios 12.2 sv1	scope:	ne	version:	-	Trust: 0.9
vendor:	cisco	model:	ios 12.2xj	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios	scope:	ne	version:	12.4(1)	Trust: 0.6
vendor:	cisco	model:	ios 12.3 ja	scope:	ne	version:	-	Trust: 0.6
vendor:	cisco	model:	ios 12.3 xc3	scope:	ne	version:	-	Trust: 0.6
vendor:	cisco	model:	ios 12.3 yj	scope:	ne	version:	-	Trust: 0.6
vendor:	cisco	model:	ios 12.2 sxd4	scope:	ne	version:	-	Trust: 0.6
vendor:	cisco	model:	ios 12.2 zd3	scope:	ne	version:	-	Trust: 0.6
vendor:	cisco	model:	ios 12.2 t16	scope:	ne	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.1.0	Trust: 0.3
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	cisco	model:	ios xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4mr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.4	Trust: 0.3
vendor:	cisco	model:	ios 12.3yu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ys	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ya	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xx	Trust: 0.3
vendor:	cisco	model:	ios 12.3xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xs	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3jk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ja	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3bw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3bc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3b	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.3	Trust: 0.3
vendor:	cisco	model:	ios 12.2zp	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zo	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ze	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2za	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yv	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sv	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2su	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2so	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sec	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2seb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sea	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2se	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2mx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2mc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2mb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2jk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ja	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ez	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ey	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ex	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ewa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ew	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2eu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2dx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2dd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2cz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2cy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2cx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2by	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2b	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ye	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.1xv	Trust: 0.3
vendor:	cisco	model:	ios 12.1xu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0sy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0sx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0st	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0sl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xr	scope:	ne	version:	3.2	Trust: 0.3
vendor:	cisco	model:	ios 12.4 t	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4 mr	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 bc6	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 yi1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 yg2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 ya1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 xy6	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 t8	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 xr4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 xi4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 t9	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 b5	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 xq1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 xk3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 xg4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 xe3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 xa4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 jk	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	12.3(15)	Trust: 0.3
vendor:	cisco	model:	ios 12.3 yu	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 yt	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 yq1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 t2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 bc	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 yw	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 ys	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 yf3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 t5	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 ya10	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 mb13b	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 sv	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 sw3a	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 sv2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 sec1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 seb3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 s4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 ez1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 ez	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 ewa1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 s8	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 ewa2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 ew2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 eu1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 sxe1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 sv3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 s9	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 sxb8	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 mc2c	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 jk4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 bc2h	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 s14	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0 s	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0 s2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0 s3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0 s6	scope:	ne	version:	-	Trust: 0.3

sources: BID: 14414

EXPLOIT

ISS has developed a working exploit for this issue through the "link local" interface. This exploit is not publicly available or known to be circulating in the wild.

Trust: 0.3

sources: BID: 14414

PRICE

Free

Trust: 0.3

sources: BID: 14414

TYPE

Boundary Condition Error

Trust: 0.3

sources: BID: 14414

CREDITS

This issue was reported by Michael Lynn at the Black Hat security conference.

Trust: 0.3

sources: BID: 14414

EXTERNAL IDS

db:	NVD	id:	CVE-2005-2451	Trust: 0.3
db:	BID	id:	14414	Trust: 0.3

sources: BID: 14414

REFERENCES

url:	http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml#details	Trust: 0.3
url:	http://www.irmplc.com/download_pdf.php?src=cisco_ios_exploitation_techniques.pdf&force=yes	Trust: 0.3
url:	http://xforce.iss.net/xforce/alerts/id/201	Trust: 0.3

sources: BID: 14414

SOURCES

db:

BID

id:

14414

LAST UPDATE DATE

2022-07-27T09:34:22.705000+00:00

SOURCES UPDATE DATE

db:

BID

id:

14414

date:

2007-06-28T03:58:00

SOURCES RELEASE DATE

db:

BID

id:

14414

date:

2005-07-27T00:00:00