lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <201403261208.5.RSP72010GE@psirt.cisco.com>
Date: Wed, 26 Mar 2014 12:08:19 -0400
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: bugtraq@...urityfocus.com
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability

Advisory ID: cisco-sa-20140326-RSP72010GE

Revision 1.0

For Public Release 2014 March 26 16:00  UTC (GMT)

Summary
=======

A vulnerability in the Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks models RSP720-3C-10GE and RSP720-3CXL-10GE could allow an unauthenticated, remote attacker to cause the route processor to reboot or stop forwarding traffic. The vulnerability is due to an issue in the Kailash field-programmable gate array (FPGA) versions prior to 2.6.

Cisco has released free software updates that address this vulnerability.
Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-RSP72010GE

Note: The March 26, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2014 bundled publication.

Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar14.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJTMeUsAAoJEIpI1I6i1Mx3QqEP/1W/RvtG5zkMAVcGxT/fmT57
YsEGW6+znRSsE7VLq4R6040SQYqJemtkdrug6PB5Ie1IWySd6Qv6FA5nAwtrRqaY
aSyVSxXt0ta+zmoSlYqidQl+X+oLTWf4hbkKae2DUqlPSoRadyKzp4Fz6GARolka
V1P6dCwXKYo+y8444cilT5iw28RajMYDFVBv8pl1j1O20ts8gLskq1sqQaZneYKZ
dS8N4yaIOtRp+6hMtH3dcRDm0dy880l4yrBN+4sOC/Pf/oTRiwkhYUXZaDqOme4R
K1rWArmc9tkFMGar5j4wVWYk0B8cdOu5+FQ/1hbd2PxgLpvFylDZ/5W83hnK9J4g
HTgE9vQ3BDeJkoxLupOksTRxqYgxUzYCs1LfcCNoNbQTOs8tAidQyzng3Rhw3/Ty
mB3dTOaR1giqnnp6HNbRzxmw1j7m2kOfkoNhrcLMcO+2R+SaBmG4IHtRoEeABGdc
H19Nv7Y/GFug1AY9ntHOyMw1urVa7Dperb22mSqeeF4HPZoYlAYJG0itwkpmdI+R
E8STnyi+Hx2LmjEUc59SSLpS0n1ciBRii6CG+hFUUPCDdyJpdGYgVYbOtn3g0YHw
5OR4qK2/hWNOFQ+6DIjhYvXecLEmGltJ1rMxdFdtgH5JT2IAZsdoUHko9b9PRTJ7
J+6y3e8dU2EfXhK7GuFA
=RDpO
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ