Cisco IOS Multiple Vulnerabilities
Last Update Date:
26 Sep 2013 16:38
Release Date:
26 Sep 2013
3994
Views
RISK: High Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities have been identified in Cisco IOS. A remote user can cause denial of service conditions.
- A remote user can send specially crafted multicast Network Time Protocol (NTP) packets encapsulated in a Multicast Source Discovery Protocol (MSDP) Source-Active (SA) message from a configured MSDP peer to cause the target device to reload.
- A remote user can send specially crafted Internet Key Exchange (IKE) v1 packets to trigger a memory leak. Repeated exploitation can consume excessive memory and cause the target device to reload.
- A remote user can send a stream of valid IPv6 fragments to or through the target device to trigger a race condition in the virtual fragmentation reassembly (VFR) function for IPv6 to cause the target device to hang or reload.
- A remote user can send specially crafted DHCP packets to a target device that has the DHCP server or DHCP relay agent feature enabled to cause the target device to reload. Devices configured as a DHCPv6 server for IPv6 are not affected.
- A remote user can send specially crafted HTTP packets via IPv4 through a target device to trigger a flaw in the Zone-Based Firewall (ZFW) component and cause the target device to hang or reload.
- A remote user can send specially crafted, bursty traffic through an interface configured for T1/E1 signaling on an HDLC32 driver to trigger an interface queue wedge condition, which may cause loss of connectivity and loss of routing protocol adjacency.
- A remote user can send specially crafted UDP RSVP packets to the target device to trigger an interface queue wedge condition, which may cause loss of connectivity and loss of routing protocol adjacency.
- A remote user can send specially crafted DNS packets to TCP port 53 to exploit a network address translation (NAT) flaw and cause the target device to reload.
Impact
- Denial of Service
System / Technologies affected
- Cisco IOS
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix.
Vulnerability Identifier
- CVE-2013-5472
- CVE-2013-5473
- CVE-2013-5474
- CVE-2013-5475
- CVE-2013-5476
- CVE-2013-5477
- CVE-2013-5478
- CVE-2013-5479
- CVE-2013-5480
- CVE-2013-5481
Source
Related Link
Share with