Vigil@nce - Cisco IOS XE: denial of service via MAC Zero
February 2016 by Vigil@nce
This bulletin was written by Vigil@nce: https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An unauthenticated attacker, who is adjacent to the device, can
send packets with a MAC address of zero to Cisco IOS XE, in order
to trigger a denial of service.
Impacted products: Cisco Catalyst, IOS XE Cisco, Cisco Router.
Severity: 2/4.
Creation date: 22/12/2015.
DESCRIPTION OF THE VULNERABILITY
A MAC address identifies a hardware device on the LAN, for example
01:23:45:67:89:AB.
However, a packet with a source MAC address of 00:00:00:00:00:00
generates a fatal error in Cisco IOS XE, which forces a device
reload.
An unauthenticated attacker, who is adjacent to the device, can
therefore send packets with a MAC address of zero to Cisco IOS XE,
in order to trigger a denial of service.
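Added example (not part of the Vigil@nce bulletin or of Cisco's material): a detection-side check that scans a classic libpcap capture for Ethernet frames whose source MAC is 00:00:00:00:00:00, as described above. The function names and the in-memory sample capture are constructed for illustration.

```python
import struct

ZERO_MAC = bytes(6)            # 00:00:00:00:00:00
PCAP_MAGIC = 0xA1B2C3D4        # classic pcap, microsecond timestamps
LINKTYPE_ETHERNET = 1

def zero_source_frames(pcap_bytes):
    """Return the record indexes of frames whose source MAC is all zeros."""
    if len(pcap_bytes) < 24:
        raise ValueError("truncated pcap global header")
    magic = struct.unpack("<I", pcap_bytes[:4])[0]
    if magic == PCAP_MAGIC:
        endian = "<"
    elif magic == 0xD4C3B2A1:  # same magic, written by a big-endian host
        endian = ">"
    else:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", pcap_bytes[20:24])[0] != LINKTYPE_ETHERNET:
        raise ValueError("capture is not Ethernet")
    hits, offset, index = [], 24, 0
    while offset + 16 <= len(pcap_bytes):
        incl_len = struct.unpack(endian + "I", pcap_bytes[offset + 8:offset + 12])[0]
        frame = pcap_bytes[offset + 16:offset + 16 + incl_len]
        if len(frame) < incl_len:
            break              # last record is cut short, stop cleanly
        # Ethernet header: destination MAC (6) | source MAC (6) | EtherType (2)
        if len(frame) >= 14 and frame[6:12] == ZERO_MAC:
            hits.append(index)
        offset += 16 + incl_len
        index += 1
    return hits

def _record(frame):
    # pcap record header: ts_sec, ts_usec, captured length, original length
    return struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame

def build_sample():
    """Constructed capture: normal frame, zero-source frame, normal frame."""
    header = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    dst = bytes.fromhex("ffffffffffff")
    normal = dst + bytes.fromhex("0123456789ab") + b"\x08\x00" + bytes(46)
    zero_src = dst + ZERO_MAC + b"\x08\x00" + bytes(46)
    return header + _record(normal) + _record(zero_src) + _record(normal)

if __name__ == "__main__":
    print("records with zero source MAC:", zero_source_frames(build_sample()))
```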
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Cisco-IOS-XE-denial-of-service-via-MAC-Zero-18574