Cisco Nexus Series Switches IP Stack Processing Denial of Service Vulnerability

Last Update Date: 18 Jul 2012 Release Date: 17 Feb 2012 5449 Views

RISK: Medium Risk

TYPE: Servers - Network Management

A vulnerability has been identified in Cisco NX-OS, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the IP stack processing when obtaining layer 4 (UDP or TCP) information and can be exploited to reload a device by sending a specially crafted IP packet.

Impact

Denial of Service

System / Technologies affected

Cisco Nexus 1000v Series Switches
Cisco Nexus 5000 Series Switches
Cisco Nexus 7000 Series Switches
Cisco NX-OS 5.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

For Cisco Nexus 1000v Series Switches versions 4.2.x
Update to version 4.2(1)SV1(5.1)
For Cisco Nexus 5000 Series Switches versions 4.x and 5.0.x
Update to version5.0(2)N1(1)
For Cisco Nexus 7000 Series Switches versions 4.2.x
Update to version 4.2.8
For Cisco Nexus 7000 Series Switches versions 5.0.x
Update to version 5.0.5
For Cisco Nexus 7000 Series Switches versions 5.1.x
Update to version 5.1.1

Vulnerability Identifier

CVE-2012-0352

Cisco Nexus Series Switches IP Stack Processing Denial of Service Vulnerability

Impact

System / Technologies affected

Solutions

Vulnerability Identifier

Source

Related Link