Cisco DLSw Information Disclosure Vulnerability
There is a bug in Cisco's DLSw implementation affecting 12.x and 15.x trains that allows an unuthenticated remote attacker to retrieve the partial contents of packets traversing a Cisco router with DLSw configured and active.
Vulnerability discovered by:
- Tate Hansen - John McLeodKyle Rainey built lab to recreate vulnerability and help test
Disclosure Date: November 17, 2014.