by sending specific IP version 4 (IPv4) packets to or through an
affected device.
Successful exploitation could cause the NetIO process to restart.
Under a sustained attack, the Cisco CRS Modular Services Card (MSC)
on a Cisco Carrier Routing System (CRS) or a Line Card on a Cisco
12000 Series Router or Cisco ASR 9000 Series Aggregation Services
Router will reload.
Cisco has released free Software Maintenance Units (SMU) that address
this vulnerability.
Details
=======
Cisco IOS XR Software is a member of the Cisco IOS Software family that
uses a microkernel-based distributed operating system infrastructure.
Cisco IOS XR Software runs on the Cisco CRS-1 Carrier Routing System,
Cisco 12000 Series Routers, and Cisco ASR 9000 Series Aggregation
Services Routers. More information on Cisco IOS XR Software is available
at http://www.cisco.com/en/US/products/ps5845/index.html.
The SSH protocol was developed as a secure replacement for the Telnet,
* Cisco 12000 Series SPA interface processors running Cisco IOS
Software
* Cisco XR 12000 Series Engine 3 Line Cards
* Cisco ASR 9000 Series Aggregation Services Routers
* Cisco Carrier Routing System Series Routers
No other Cisco products are currently known to be affected by this
vulnerability
Details
Products Confirmed Not Vulnerable
+--------------------------------
The following products are confirmed not vulnerable:
* Cisco Carrier Routing System (CRS) running any version of Cisco IOS XR Software
* Cisco XR 12000 Series Routers running any version of Cisco IOS XR Software
* Cisco 12000 Series Routers running any version of Cisco IOS Software
* Cisco IOS Software
* Cisco IOS XE Software
* Cisco NX-OS Software
