Vulnerability: Cisco IOS Software processing of SAA Packets

Cisco advises its IOS Software releases are vulnerable if their Response Time Reporter responder is enabled. If so, when the router receives a malformed RTR packet, it will crash. RTR is disabled by default.

The Response Time Reporter (RTR) feature was the previous name for the Service Assurance Agent (SAA).

Although RTR was introduced in Cisco IOS® Software Release 11.2, only the following releases are vulnerable:

* 12.0S, SC, ST, SL, SP, SX

* 12.1, E, EA, EC, EX, EY

* 12.2, DA, S

For more details, see http://www.cisco.com/warp/public/707/cisco-sa-20030515-saa.shtml.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments