28th Feb 2002 [SBWID-5149]
COMMAND
Cisco router leaks others' packet data
SYSTEMS AFFECTED
IOS 11.1CC, 12.0, 12.0S, 12.0T, 12.0ST, 12.1, 12.1E, 12.1T, 12.2, 12.2T (others?)
with Cisco Express Forwarding (CEF) enabled
PROBLEM
From the Cisco advisory:
http://www.cisco.com/warp/public/707/IOS-CEF-pub.shtml
--snipp--
When a router receives a packet where MAC level packet length is
shorter than is indicated by the IP level, the router will "extend"
the packet to the size indicated by the IP level. This extension will
be done by padding the packet with arbitrary data. The issue here is
that padding may contain data from previous packets that has not been
erased.
Although it is possible to trigger this vulnerability on command, it is
not possible to predict what information would be collected this way.
It is not possible for an attacker to selectively capture desired
packets (for example, packets with username and password combination).
--snapp--
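Added example (not from the Cisco advisory or this page): a check that a capture sensor could run to flag the triggering condition quoted above, an IPv4 Total Length larger than the bytes the Ethernet frame actually carries. The function names and sample frames are constructed for illustration, and it assumes frames are captured in full (a truncating snap length would produce the same mismatch).

```python
# Added example: flag Ethernet frames whose IPv4 Total Length claims more
# bytes than the frame carries (the condition described in the advisory).
import struct

ETH_IPV4, ETH_VLAN = 0x0800, 0x8100

def classify_frame(frame: bytes) -> str:
    """Return 'not-ipv4', 'malformed', 'ok', or 'ip-longer-than-mac'."""
    if len(frame) < 14:
        return "malformed"
    offset = 12
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    offset += 2
    if ethertype == ETH_VLAN:                 # skip one 802.1Q tag
        if len(frame) < 18:
            return "malformed"
        (ethertype,) = struct.unpack_from("!H", frame, offset + 2)
        offset += 4
    if ethertype != ETH_IPV4:
        return "not-ipv4"
    l3 = frame[offset:]                       # bytes actually present at layer 3
    if len(l3) < 20:
        return "malformed"
    version, ihl = l3[0] >> 4, (l3[0] & 0x0F) * 4
    (total_len,) = struct.unpack_from("!H", l3, 2)
    if version != 4 or ihl < 20 or total_len < ihl:
        return "malformed"
    # Ethernet pads short frames, so len(l3) > total_len is normal.
    # Only the reverse means the IP header claims data that never arrived.
    return "ip-longer-than-mac" if total_len > len(l3) else "ok"

def build_frame(total_len: int, payload_len: int, vlan: bool = False) -> bytes:
    """Constructed sample: IPv4 header claiming total_len, carrying payload_len bytes."""
    eth = b"\x02\x00\x00\x00\x00\x02" + b"\x02\x00\x00\x00\x00\x01"
    eth += (b"\x81\x00\x00\x0a" if vlan else b"") + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return eth + ip + b"\x00" * payload_len

if __name__ == "__main__":
    for name, f in [("consistent", build_frame(48, 28)),
                    ("padded short frame", build_frame(28, 26)),
                    ("IP length > MAC length", build_frame(1500, 8, vlan=True))]:
        print(f"{name}: {classify_frame(f)}")
```
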
SOLUTION
This vulnerability is documented as Cisco Bug ID CSCdu20643. For the
Cisco IOS 11.1CC image, this vulnerability is described as Cisco Bug ID
CSCdp58360.
More information on Cisco IOS software release names and abbreviations
is available at [http://www.cisco.com/warp/public/620/1.html]
+--------+------------------------------+--------------+--------------------+-------------+
| Train  | Description of Image         | Availability of Fixed Releases*                 |
|        | or Platform                  |                                                 |
+--------+------------------------------+--------------+--------------------+-------------+
| 11.1-based Releases                   | Rebuild      | Interim**          | Maintenance |
+--------+------------------------------+--------------+--------------------+-------------+
| 11.1CC | ED release for 7000 series   | 11.1(36)CC3  |                    |             |
+--------+------------------------------+--------------+--------------------+-------------+
| 12.0-based Releases                   | Rebuild      | Interim**          | Maintenance |
+--------+------------------------------+--------------+--------------------+-------------+
| 12.0   | GD release for all platforms |              | 12.0(20.4)         |             |
| 12.0S  | ED release for all platforms | 12.0(17)ST4  | 12.0(18.3)S        | 12.0(19)S   |
| 12.0ST | ED release for all platforms |              | 12.0(18.3)ST       | 12.0(19)ST  |
| 12.0T  | ED release for all platforms | To be decided                                   |
| 12.0W5 | ED release for all platforms |              | 12.0(20.4)W5(24.7) |             |
+--------+------------------------------+--------------+--------------------+-------------+
| 12.1-based Releases                   | Rebuild      | Interim**          | Maintenance |
+--------+------------------------------+--------------+--------------------+-------------+
| 12.1   | LD release for all platforms |              | 12.1(9.2)          | 12.1(10)    |
| 12.1E  | ED release for all platforms | 12.1(8.5)E2  | 12.1(9.5)E         | 12.1(8a)E   |
| 12.1EC | ED release for all platforms | 12.1(7.5)EC1 | 12.1(9.5)EC        |             |
| 12.1T  | ED release for all platforms | To be decided                                   |
| 12.1XM | ED release for all platforms | 12.1(5)XM6   |                    |             |
+--------+------------------------------+--------------+--------------------+-------------+
| 12.2-based Releases                   | Rebuild      | Interim**          | Maintenance |
+--------+------------------------------+--------------+--------------------+-------------+
| 12.2   | LD release for all platforms |              | 12.2(2.5)          | 12.2(3)     |
| 12.2S  | LD release for all platforms |              | 12.2(3.3)S         |             |
| 12.2T  | ED release for all platforms |              | 12.2(2.4)T         | 12.2(4)T    |
+--------+------------------------------+--------------+--------------------+-------------+