

   VULNERABILITY NOTES

CERT-In Vulnerability Note CIVN-2007-99
Cisco IOS Next Hop Resolution Protocol Vulnerability

Original Issue Date: August 14, 2007

Severity Rating: High


Systems Affected

  • Cisco devices running IOS that are configured for NHRP functionality are affected.

Overview

The Cisco Next Hop Resolution Protocol (NHRP) feature in Cisco IOS® contains a vulnerability that can result in a restart of the device or possible remote code execution.

Description

NHRP is a protocol that provides Layer 2 to Layer 3 address resolution for Nonbroadcast Multiaccess (NBMA) networks. NHRP can operate in three ways: at the link layer (Layer 2), over Generic Routing Encapsulation (GRE) and multipoint GRE (mGRE) tunnels, and directly on IP (IP protocol number 54). This vulnerability affects all three methods of operation.
This vulnerability can be exploited remotely when the device processes a specially crafted Next Hop Resolution Protocol (NHRP) packet. Repeated attempts may crash the device and result in a sustained denial of service (DoS) condition.

Workaround

  • To mitigate this vulnerability, users may need to apply access lists to filter NHRP traffic.
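As an added illustration of the access-list workaround (this is not configuration from the CERT-In note or from Cisco's advisory), the following Cisco IOS extended ACL admits NHRP only from known peers. It covers the two IP-based modes the note lists, direct NHRP (IP protocol 54) and NHRP carried inside GRE/mGRE tunnels (GRE, IP protocol 47); the peer addresses, ACL name and interface are constructed placeholders.

```cisco
! Added example, not from CERT-In or Cisco. Peer addresses are constructed
! placeholders from the 192.0.2.0/24 documentation range.
!
! Direct NHRP travels as IP protocol 54. NHRP over GRE/mGRE tunnels is
! wrapped in GRE (protocol 47), so the GRE carrier itself is restricted to
! the trusted tunnel endpoints on the underlay interface.
ip access-list extended NHRP-PEERS-ONLY
 remark Trusted NHRP peers (e.g. next-hop servers): allow direct NHRP
 permit 54 host 192.0.2.10 any
 permit 54 host 192.0.2.11 any
 remark Trusted tunnel endpoints: allow the GRE that carries NHRP on mGRE
 permit gre host 192.0.2.10 any
 permit gre host 192.0.2.11 any
 remark Drop and log NHRP or GRE from anyone else
 deny   54 any any log
 deny   gre any any log
 remark Hand all other traffic to the existing policy
 permit ip any any
!
! Apply inbound on the physical (underlay) interface facing the NBMA network,
! where GRE-encapsulated NHRP is still visible as GRE before decapsulation.
interface GigabitEthernet0/0
 ip access-group NHRP-PEERS-ONLY in
!
! After applying, confirm that only the expected peers hold NHRP mappings and
! that the deny entries are counting unexpected packets:
! show ip nhrp
! show ip access-lists NHRP-PEERS-ONLY
```

An IP access list does not see NHRP that runs directly at the link layer, so for that mode of operation the vendor advisory remains the reference.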

Vendor Information

Cisco
http://www.cisco.com/warp/public/707/cisco-sa-20070808-nhrp.shtml


References


Net-Security
http://www.net-security.org/advisory.php?id=7805

FrSIRT
http://www.frsirt.com/english/advisories/2007/2818


Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003