CVE-2011-4016

Published: May 2, 2012Modified: Apr 29, 2026

5.4

Vector

AV:N/AC:H/Au:N/C:N/I:N/A:C

Exploitability: 4.9 / Impact: 6.9

Source: NVD

Description

The PPP implementation in Cisco IOS 12.2 and 15.0 through 15.2, when Point-to-Point Termination and Aggregation (PTA) and L2TP are used, allows remote attackers to cause a denial of service (device crash) via crafted network traffic, aka Bug ID CSCtf71673.

Affected (4)

Products: Cisco: Ios

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Cisco Ios	Version 12.2
Cisco Ios	Version 15.0
Cisco Ios	Version 15.1
Cisco Ios	Version 15.2

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (4)

http://www.cisco.com/en/US/docs/ios/15_1/release/notes/151-2TCAVS.html

Source: psirt@cisco.com

Release NotesVendor Advisory

http://www.securitytracker.com/id?1027005

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://www.cisco.com/en/US/docs/ios/15_1/release/notes/151-2TCAVS.html

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

http://www.securitytracker.com/id?1027005

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.