lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-id: <201507301207.6.asr1k@psirt.cisco.com>
Date: Thu, 30 Jul 2015 12:07:44 -0400
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: bugtraq@...urityfocus.com
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Cisco ASR 1000 Series Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco ASR 1000 Series Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability

Advisory ID: cisco-sa-20150730-asr1k

Revision 1.0

For Public Release 2015 July 30 16:00  UTC (GMT)

+-----------------------------------------------------------------------

Summary
=======
A vulnerability in the code handling the reassembly of fragmented IP version 4 (IPv4) or IP version 6 (IPv6) packets of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a crash of the Embedded Services Processor (ESP) processing the packet.

The vulnerability is due to improper processing of crafted, fragmented packets. An attacker could exploit this vulnerability by sending a crafted sequence of fragmented packets. An exploit could allow the attacker to cause a reload of the affected platform.

Cisco has released software updates that address this vulnerability.

There are no workarounds to mitigate this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150730-asr1k

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)

iQIVAwUBVbpKZIpI1I6i1Mx3AQIXNBAAsL6aoaOpHNE2zK2WcW3pYgnqUkX67X0K
cavUKGkmOfimpZVv803qjKwLNIaBZRwZHRaHn6gMgvJp28DikDaG5cgGXfi77hxq
3t3JlT6bB6CD99vQmRRVjRDnJCKwpTlw7E+VpqPCQdG/4AglpKq1d7VkcZKfhZih
8H0/XY8FWM0x3mfcX7Hv+he1r6ckvXHixtmWWujYt7l6FO54LpECgNkivst730V9
pMaMQaThMIhuljBJVyt3sn57tXMKrV1Fsh4Tir8S2cDrmIQ/kYz09emg8Uxeotpp
YM0RoLQoS1SL/49rmCbH6TM4+gv2TNgDKWJIgk47BUZZE8DB9sReBH+cNnetG5J9
dt/+03tVbZ7vADgkfEey0niKQp/Vi400ExGR80FtR9vVoabQBZP2Sy5T0G4KJE+r
E6icqfP+keu2ovoEf7IxSBDvDa+0DzXckHz6i8gvi21iJQFRhdjsdWk5OkAomEys
rQYTkcpe15UE1WR0xURwEEayN5sXsd0iO0X6f19cdHWSbGe2VMn+1PS3198GKHz1
AYk2NqMBU9tT9M6gH1RmsqNvMBK5zhRuLaJwu5AlFhJkdjZQ7LplMjw0hm2hBqJ2
TetaGNLryB6Av3co13qWUPgTRRjmeiQ1C1Q10KHYJBkwsDty82F6RNvwmcCLq/jp
fFoIfOhaFso=
=bOtY
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ