Rapid7 Vulnerability & Exploit Database

Cisco IOS: CVE-2011-0945: Cisco IOS Software Data-Link Switching Vulnerability

Back to Search

Cisco IOS: CVE-2011-0945: Cisco IOS Software Data-Link Switching Vulnerability

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
10/03/2011
Created
07/25/2018
Added
09/22/2017
Modified
04/02/2020

Description

Memory leak in the Data-link switching (aka DLSw) feature in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xS before 3.1.3S and 3.2.xS before 3.2.1S, when implemented over Fast Sequence Transport (FST), allows remote attackers to cause a denial of service (memory consumption and device reload or hang) via a crafted IP protocol 91 packet, aka Bug ID CSCth69364.

Solution(s)

  • cisco-ios-upgrade-latest

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;