>> Cisco IOS IPv6 Packet Code Execution and Denial of Service Issue
Title : Cisco IOS IPv6 Packet Code Execution and Denial of Service Issue VUPEN ID : VUPEN/ADV-2005-1264 CVE ID : CVE-2005-2451 CWE ID : CWE-
Rated as : Moderate Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2005-07-29
Technical Description
A vulnerability was identified in Cisco Internet Operating System (IOS), which could be exploited by attackers to execute arbitrary commands or cause a denial of service. This flaw is due to a heap overflow error when processing specially crafted IPv6 packets, which could be exploited by an unauthenticated attacker to execute arbitrary code and compromise a vulnerable device.
Note : The packet must be sent from a local network segment. Only devices that have been explicitly configured to process IPv6 traffic are affected.
