| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 1 Jun 2016 12:07:55 -0400 From: Cisco Systems Product Security Incident Response Team <psirt@...co.com> To: bugtraq@...urityfocus.com Cc: psirt@...co.com Subject: Cisco Security Advisory: Cisco Prime Network Analysis Module IPv6 Denial of Service Vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Prime Network Analysis Module IPv6 Denial of Service Vulnerability Advisory ID: cisco-sa-20160601-prime3 Revision 1.0 For Public Release 2016 June 1 16:00 UTC (GMT) +--------------------------------------------------------------------- Summary ======= A vulnerability in the IPv6 packet decode function of the Cisco Network Analysis Module (NAM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to an improper calculation of the IPv6 payload length of certain IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv6 packets on the network where the NAM is collecting and monitoring traffic. An exploit could allow the attacker to cause a DoS condition and the NAM could cease to collect and monitor traffic for a short time. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime3 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV0WyjK89gD3EAJB5AQIJbRAAmARSbMN/HbRdFCfkBTHNt5GgfMHbGRlv 3tY+2UpNk76RO+3qT5Dia5i1dSw6xFViREIFJR5/8fgSaBQMAUqU/Ub0Yoka1AzV OKA3qHt9tdmkSJ3l7evW+Os4bQTpf/DSlNJoIwWRcvdgMHudUZ9ELzp9WwIczI9T AQwwJBfPyyZLDzfDC6e0Lxx2ca4ITumOFBbG7QW9NNLki5xD51nTA4VscMfzLNJd ETuAVELyEl5cOUG3Fnq7a9Aok105UlGSgf5w/cGrXo/ycSfvDYaZ7WBPBAFuXQht bUVvfzNmHjiBcTK8rv27fc+mRsU18vTkHyIopXc1sUayrYVhUkSGVIbqN6gICDRt 0CDlT8bSVQybPElmpoR57U2d+YatLjWggmUzS1EFCFfezLOGzYftSFB/D9YiYXZ6 7FR+2feIBnitEThvcEHXt5X7EPEOwUJtTNLN9psE+hMpDcThw5PzJ8dhRPrF7EBW Q26GRafNxcw/mm4wDIHcWfABWVbGKCSqcNcGIVwLtk40wb7mwlpfOVckSwctN/u4 jGeR4gmWcgdYDGWATyWDhVatq2c/x9ou2PkBanPbXb90Pshr7EVPbV4t/ovBKlix ORjuu2/szqwJLRb5M8RiZVfgrA+79q7BGgxWQQK3Wi14FxzrNvQlQFq5GYNQjy9Z FqHgZHEGhC4= =vGKU -----END PGP SIGNATURE-----
Powered by blists - more mailing lists