Vulnerabilities > CVE-2013-5503 - Resource Management Errors vulnerability in Cisco IOS XR 4.3.1

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
cisco
CWE-399
nessus
NVD
Published: 2013-10-02
Updated: 2024-11-21

Summary

The UDP process in Cisco IOS XR 4.3.1 does not free packet memory upon detecting full packet queues, which allows remote attackers to cause a denial of service (memory consumption) via UDP packets to listening ports, aka Bug ID CSCue69413.

Vulnerable Configurations

Part Description Count
OS
Cisco
1

Common Weakness Enumeration (CWE)

Nessus

NASL familyCISCO
NASL idCISCO-SA-20131002-IOSXR.NASL
descriptionCisco IOS XR Software version 4.3.1 contains a vulnerability that could result in complete packet memory exhaustion. Successful exploitation could render critical services on the affected device unable to allocate packets resulting in a denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
last seen2019-10-28
modified2013-12-14
plugin id71437
published2013-12-14
reporterThis script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/71437
titleCisco IOS XR Software Memory Exhaustion Vulnerability (cisco-sa-20131002-iosxr)

References