Cisco IOS MPLS Packet Processing Denial of Service

Thursday, February 10 2005 @ 10:28 AM EST

A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused by an error in the processing of MPLS (Multiprotocol Label Switching) packets. It can be exploited to make a vulnerable device reload by sending a specially crafted MPLS packet to an interface on which MPLS is disabled.

Successful exploitation requires that the device supports MPLS; however, MPLS does not have to be configured.

The vulnerability affects the following products with release trains based on 12.1T, 12.2, 12.2T, 12.3, and 12.3T:
* 2600 and 2800 series routers
* 3600, 3700 and 3800 series routers
* 4500 and 4700 series routers
* 5300, 5350 and 5400 series Access Servers
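
An added example, not part of the advisory or any vendor tooling: a Python triage check that compares a device's `show version` output with the trains and platforms listed above. The sample outputs and hostnames are constructed, and the `review-derived-train` status is an assumption drawn from the words "based on"; fixed releases are only in the vendor's patch matrix, so the check reports scope, not patch status.

```python
import re

# Scope exactly as listed in the advisory text above.
AFFECTED_TRAINS = {"12.1T", "12.2", "12.2T", "12.3", "12.3T"}
AFFECTED_SERIES = {"2600", "2800", "3600", "3700", "3800",
                   "4500", "4700", "5300", "5350", "5400"}

VERSION_RE = re.compile(r"Version ((\d+\.\d+)\([\w.]+\)([A-Za-z]*)\w*)")
MODEL_RE = re.compile(r"^[Cc]isco (?:AS)?(\d{4})\S* \(", re.M)

# Constructed 'show version' excerpts (not captured from real devices).
SAMPLES = {
    "edge-1": "Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), "
              "Version 12.3(11)T3, RELEASE SOFTWARE (fc2)\n"
              "Cisco 2811 (revision 53.51) with 249856K/12288K bytes of memory.\n",
    "core-1": "IOS (tm) 7200 Software (C7200-JS-M), Version 12.2(18)S4, "
              "RELEASE SOFTWARE (fc1)\n"
              "cisco 7206VXR (NPE400) processor (revision A) with 245760K/16384K bytes of memory.\n",
    "nas-1": "IOS (tm) 5300 Software (C5300-IS-M), Version 12.2(13)XB2, "
             "RELEASE SOFTWARE (fc1)\n"
             "cisco AS5300 (R4K) processor (revision A.32) with 65536K/16384K bytes of memory.\n",
}


def triage(show_version: str) -> dict:
    """Classify one device against the advisory's listed trains and platforms."""
    ver = VERSION_RE.search(show_version)
    model = MODEL_RE.search(show_version)
    if not ver or not model:
        return {"status": "unparsed"}
    base, train = ver.group(2), ver.group(2) + ver.group(3).upper()
    number = model.group(1)
    # Access servers are listed by model number; routers by series (2811 -> 2800).
    series = number if number in AFFECTED_SERIES else number[:2] + "00"
    if series not in AFFECTED_SERIES:
        status = "platform-not-listed"
    elif train in AFFECTED_TRAINS:
        status = "check-patch-matrix"
    elif base in {"12.1", "12.2", "12.3"} and train != base:
        status = "review-derived-train"  # assumption: may be "based on" a listed train
    else:
        status = "train-not-listed"
    return {"version": ver.group(1), "train": train, "series": series, "status": status}


if __name__ == "__main__":
    for host, text in SAMPLES.items():
        print(host, triage(text))
```
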

OPERATING SYSTEM:
Cisco IOS 12.x
Cisco IOS R12.x

SOLUTION:
See patch matrix in the vendor advisory for information about fixes.
http://www.cisco.com/warp/public/707/cisco-sa-20050126-les.shtml#software

PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.

ORIGINAL ADVISORY:
http://www.cisco.com/warp/public/707/cisco-sa-20050126-les.shtml

OTHER REFERENCES:
US-CERT VU#583638:
http://www.kb.cert.org/vuls/id/583638

VERIFY ADVISORY:
http://secunia.com/advisories/14031/

Secunia Security Advisories
