—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512
Cisco Security Advisory: Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability
Advisory ID: cisco-sa-20160804-wedge
Revision 1.0
For Public Release 2016 August 4 16:00 GMT
+———————————————————————
Summary
=======
A vulnerability in the processing of Network Time Protocol (NTP) packets by Cisco IOS could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device.
The vulnerability is due to insufficient checks on clearing the invalid NTP packets from the interface queue. An attacker could exploit this vulnerability by sending a number of crafted NTP packets to be processed by an affected device. An exploit could allow the attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device.
Cisco released software updates that address this vulnerability. There are no workarounds that address this vulnerability; however, there is a mitigation for this vulnerability.
This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160804-wedge
—–BEGIN PGP SIGNATURE—–
Comment: GPGTools – https://gpgtools.org
iQIcBAEBCgAGBQJXoyuaAAoJEK89gD3EAJB5jS0QALlocwEtAhJ6ELVX3IT6HAC5
FKlc3zknV5KswMHqsbDjQsD2GAfEntDoO8Riu78lWSexO99Pu/VfRafKUJKcHEUo
wBYQQ33X4sLEgGXMIXUbAxMFCpAxdlIuEzevo8HUj+LiMZWZNN1UJOpsFzBZGx3Q
b6XNpGnMup88326DIcTJwUo3DGs7jAPvidlBjS5VPHqE43hvMy7FCqBTMQXdE7E3
6xVR9A8E4BdVPy/WyBjKI5TVOvaB2qoPYaaLmdzvsGaM5LnVw1qPFLwe1xY7dI9m
+P+iN5ruvY9GM1WzJL8Yt7ngKmIbr7VC7vQc0kRPe9Mk+ZsuibR4Se12RADvdYfB
CTYeDNES93fV1KxdGNFy2+XJSIcK3VYusto4sTRcKLmUfkHd/ahXNjuoGoqkvFYD
+wq+1GylK2EUvOThjPEGuBgEG8HaNnp0UaYHqKCcUEzayCthygv0oN2Xiy4cEoJb
002reFlEN8s2puJknuEpcywoWNMOGFWSf2jN2kL4mHo6WIldQJqTOy7DHNLLt9UA
aZNXUzhFavF6KXrAMQ3DiTx0nwV9CVaJq9yvyC1iXDA/ySvkHERoODpP7epmhMqW
FZTfAxeusPbktEMeAXThVj/SrkwCmzlrvs+pzk8kAa1ycz/7nJkHENiDCLlUk+zR
fapmFudsB1x/rUftQUNf
=4KvY
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com