Vigil@nce - Cisco ASR 1000: denial of service via IPv4 Fragments
November 2015 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can send numerous fragmented IPv4 packets to a Cisco ASR
1000 in order to trigger a denial of service.
Impacted products: Cisco ASR, IOS XE Cisco.
Severity: 2/4.
Creation date: 01/09/2015.
DESCRIPTION OF THE VULNERABILITY
The Cisco ASR 1000 product reassembles fragmented IPv4 packets.
However, when it receives more than 100000 packets per second, the
reassembly operation overloads the QFP (Cisco QuantumFlow
Processor).
An attacker can therefore send numerous fragmented IPv4 packets to a
Cisco ASR 1000 in order to trigger a denial of service.
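
A monitoring check for the condition described above, as an added example that is not part of the original bulletin: it classifies IPv4 headers as fragments and reports the one-second intervals in which the fragment count exceeds the 100000 packets per second given in the bulletin. The function names, the fixed one-second buckets, the reading of that figure as a fragment rate, and the sample headers are assumptions constructed for illustration.

```python
import struct
from collections import Counter

# Rate from the bulletin; applying it to fragments only is an assumption.
FRAGMENT_PPS_THRESHOLD = 100000

def is_ipv4_fragment(header: bytes) -> bool:
    """True when the header has MF set or a non-zero fragment offset."""
    if len(header) < 20 or header[0] >> 4 != 4:
        return False  # truncated or not IPv4
    (flags_frag,) = struct.unpack("!H", header[6:8])
    more_fragments = bool(flags_frag & 0x2000)
    fragment_offset = flags_frag & 0x1FFF  # in 8-byte units
    return more_fragments or fragment_offset != 0

def seconds_over_threshold(packets, threshold=FRAGMENT_PPS_THRESHOLD):
    """packets: iterable of (timestamp_seconds, ipv4_header_bytes).
    Returns {second: fragment_count} for each one-second bucket above threshold."""
    per_second = Counter()
    for ts, header in packets:
        if is_ipv4_fragment(header):
            per_second[int(ts)] += 1
    return {sec: n for sec, n in sorted(per_second.items()) if n > threshold}

def build_header(flags_frag: int) -> bytes:
    """Constructed sample: 20-byte IPv4/UDP header, documentation addresses."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 1, flags_frag, 64, 17, 0,
                       bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1]))

if __name__ == "__main__":
    first = build_header(0x2000)   # MF set, offset 0
    last = build_header(0x00B9)    # MF clear, offset 185
    whole = build_header(0x4000)   # DF set, not a fragment
    # Constructed capture: second 0 stays under a demo threshold of 3, second 1 exceeds it.
    capture = [(0.1, first), (0.5, last), (0.9, whole),
               (1.0, first), (1.2, first), (1.4, last), (1.8, last)]
    print(seconds_over_threshold(capture, threshold=3))
```
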
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Cisco-ASR-1000-denial-of-service-via-IPv4-Fragments-17782