Skip to main content

Cisco Nexus Series Switches IP Stack Processing Denial of Service Vulnerability

Last Update Date: 18 Jul 2012 Release Date: 17 Feb 2012 5586 Views

RISK: Medium Risk

TYPE: Servers - Network Management

TYPE: Network Management

A vulnerability has been identified in Cisco NX-OS, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the IP stack processing when obtaining layer 4 (UDP or TCP) information and can be exploited to reload a device by sending a specially crafted IP packet.


Impact

  • Denial of Service

System / Technologies affected

  • Cisco Nexus 1000v Series Switches
  • Cisco Nexus 5000 Series Switches
  • Cisco Nexus 7000 Series Switches
  • Cisco NX-OS 5.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • For Cisco Nexus 1000v Series Switches versions 4.2.x
    Update to version 4.2(1)SV1(5.1)

  • For Cisco Nexus 5000 Series Switches versions 4.x and 5.0.x
    Update to version5.0(2)N1(1)

  • For Cisco Nexus 7000 Series Switches versions 4.2.x
    Update to version 4.2.8

  • For Cisco Nexus 7000 Series Switches versions 5.0.x
    Update to version 5.0.5

  • For Cisco Nexus 7000 Series Switches versions 5.1.x
    Update to version 5.1.1


Vulnerability Identifier


Source


Related Link