You are here
Home > Preporuke > Ranjivost Cisco IOS XR softvera

Ranjivost Cisco IOS XR softvera

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco Aggregation Services Router 9000 Series IPv6 Fragment Header Denial of Service Vulnerability

Advisory ID: cisco-sa-20180131-ipv6

Revision: 1.0

For Public Release: 2018 January 31 16:00 GMT

Last Updated: 2018 January 31 16:00 GMT

CVE ID(s): CVE-2018-0136

CVSS Score v(3): 8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

+———————————————————————

Summary
=======
A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition.

The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6”]

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJacen4XBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczbvcP/3roV03TIdBh4bXMTP/LwM3TUHnJ
hJq8uWV9DYnYoEbU+GR1yRC94kaj//2GpPQ7HqV6P9JXvZ3BpKwVOCLAGOXyUUsg
P1c7veTL5tIlI0W5+MwSCq9EXpCQY7a8jWkR2GI9mXUxHLIL6z3ETpIc7KaTX8YJ
fQVR1fvlvjn+jhshxnYZsgcNHcdwkhgOo722mx0CIKislokl7s6FfGGJS1aauVIZ
0jGDXyh6mHDR9v8EMvuq8nMG+xQANMCklwsUkiTHct2tLsIyF+sz43YnaDy7PTfU
Lh0Xzc/YgbHWzDqO4QlkiWH6F7sYydzc2MIaLKRTeNM5ElhJi4ZnpJgfeEj9HpCn
C7L5CXKWpthpcZfhPC5U98euje6PyscyvojpPau9QEZVO3pLZLzbd56Hk/Rz18Pd
xqFu17Q94duowZVMVNaeiNtLgj20h3x4uxgZ1EnOun6f1ViVCEi97N93rxUloiNN
1hhf+iIVQ1rMiqalWCOJ46teidOIumLI0uovURyUnitokPamFnohvld0ETNz9cnQ
ZchHKxcObPJ00q9FEDMORbUHXeAiFO3TkLLgsK7EEosq6AnpdoIeRez4i4EuAey2
iOapcb9Z6AoBUp4G81JqxvNnnNhixpV1wRq971uOJxZtl52hRSGm2XgQYPiwrrtk
LNPkUwyFMvD4DVQT
=IU61
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa freeimage

Otkriven je sigurnosni nedostatak u programskom paketu freeimage za operacijski sustav openSUSE. Otkriveni nedostatak potencijalnim napadačima omogućuje izvršavanje proizvoljnog programskog...

Close