Test ID:	1.3.6.1.4.1.25623.1.0.106313
Category:	CISCO
Title:	Cisco IOS XR Software Open Shortest Path First Link State Advertisement Denial of Service Vulnerability (cisco-sa-20160928-ospf)
Summary:	A vulnerability in the implementation of Open Shortest Path; First (OSPF) Link State Advertisement (LSA) functionality in Cisco IOS XR Software could allow an; unauthenticated, remote attacker to cause a denial of service (DoS) condition.
Description:	Summary: A vulnerability in the implementation of Open Shortest Path First (OSPF) Link State Advertisement (LSA) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Vulnerability Insight: The vulnerability is due to a memory error in OSPF. An attacker could exploit this vulnerability by sending a crafted OSPF LSA update to an affected device. Vulnerability Impact: A successful exploit could allow the attacker to cause the OSPF process to restart when the crafted OSPF LSA update is received, resulting in a DoS condition. Solution: Update to version 5.3.4.13i, 6.1.2.3i, 6.1.22.9i, 6.2.1.11i or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6421 BugTraq ID: 93212 http://www.securityfocus.com/bid/93212 Cisco Security Advisory: 20160928 Cisco IOS XR Software Open Shortest Path First Link State Advertisement Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ospf http://www.securitytracker.com/id/1036909
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.