Cisco Security Advisory 65783: IPv6 Crafted Packet Vulnerability
CERT: CISCO IPv6 vulnerability VU#930892
Cisco Systems devices running IOS that are configured to handle Internet Protocol version 6 (IPv6) traffic may not properly handle a specially-crafted packet sent from the local network segment. This improper packet handling may result in a denial-of-service condition or in the execution of arbitrary code on the device running IOS.
The specific nature of the crafted packets exploiting this vulnerability is not known.
Only devices configured to handle IPv6 traffic are vulnerable to this flaw. Any logical or physical interface that handles the crafted packet is vulnerable to the flaw. In addition, the attacker must send the crafted packet on the local network segment. Packets sent one or more hops away from the device will not affect the vulnerable device in a negative manner.
For details on fixes, updates, and workarounds, please see
Cisco Security Advisory 65783: IPv6 Crafted Packet Vulnerability.
Software Versions and Fixes
Obtaining Fixed Software
Exploitation and Public Announcements
Status of This Notice: INTERIM
Cisco Security Procedures