CVE-2011-4007 Information

Description

Cisco IOS 15.0 and 15.1 and IOS XE 3.x do not properly handle the \set mpls experimental imposition\ command which allows remote attackers to cause a denial of service (device crash) via network traffic that triggers (1) fragmentation or (2) reassembly aka Bug ID CSCtr56576.

Reference

http://www.cisco.com/en/US/docs/ios/ios_xe/3/release/notes/asr1k_caveats_33s.html http://www.securitytracker.com/id?1027005