Cisco Products OSPF Vulnerability
Last Update Date:
2 Aug 2013 18:35
Release Date:
2 Aug 2013
4156
Views
RISK: High Risk
TYPE: Servers - Network Management
A vulnerability has been identified in various Cisco products, which can be exploited by an unauthenticated attacker to take full control of the OSPF Autonomous System (AS) domain routing table, blackhole traffic, and intercept traffic. The attacker could trigger this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause flushing of the routing table on a targeted router, as well as propagation of the crafted OSPF LSA type 1 update throughout the OSPF AS domain.
Impact
- Denial of Service
- Remote Code Execution
System / Technologies affected
- Cisco IOS Software
- Cisco IOS-XE Software
- Cisco Adaptive Security Appliance (ASA)
- Cisco ASA Service Module (ASA-SM)
- Cisco Pix Firewall
- Cisco Firewall Services Module (FWSM)
- Cisco NX-OS Software
- Cisco ASR 5000
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply patches:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf
Vulnerability Identifier
Source
Related Link
- http://securitytracker.com/id/1028858
- http://securitytracker.com/id/1028859
- http://securitytracker.com/id/1028860
- http://securitytracker.com/id/1028861
- http://securitytracker.com/id/1028862
- http://securitytracker.com/id/1028863
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf
Share with