lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <201509231207.5.fhs@psirt.cisco.com>
Date: Wed, 23 Sep 2015 12:07:50 -0400
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: bugtraq@...urityfocus.com
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities

Advisory ID: cisco-sa-20150923-fhs

Revision 1.0

For Public Release 2015 September 23 16:00  UTC (GMT)
+-------------------------------------------------------------------------------

Summary
=======
Two vulnerabilities in the IPv6 first hop security feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.

Cisco has released software updates that address these vulnerabilities. 
There are no workarounds to mitigate these vulnerabilities.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs

Note: The September 23, 2015, release of the Cisco IOS and IOS XE Software Security Advisory bundled publication includes three Cisco Security Advisories. All the advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: September 2015 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep15.html

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJWAWwcAAoJEIpI1I6i1Mx3wYkQAJU+71c6l6BRNwQ65d7XucdS
r64mrlpga6Mud4jxqsbatCM76W+DDcSE1xtz2lqWN8L3Aqndq/ZmsysZPID81lr/
kPWpVaNbOjr/BgXe8K8f/xYS6ExIMs7jcLSOcB5obdQaHXOvOf8yPOP4SuHodILO
i5JJ+kjE22dmRw1srBCtZF0HdNUFa+aXYuR0OSrqHwaPARMsRPQbsAF7djBVDdRU
1XB4YH5zVXG0q3yMpdlJLdVkPtQesC+BSka66qcSJBnC6tqQ/KEMkUkt+Uk1Yh9s
Qpuh9UcIB78/oBy/VZI8IGsTL4uVLczRhonQe5KFP3uvM0LJvMXAn+dTXXBZJXlm
9NEHrOuoxZjPlMYntaY3xE9Ocl3ObA4Y12H1S+E1djhVogdNjW4qN8dorqIq10g5
jAi0o8qhM7o5vRjDt8os0UnuAHPaqtY0C5oaTruZN28N7Hzey4mdM9wkOL/oY+rq
Lgd9BT+BHAO+Yop0cgpmPAs2EXYzVz7zN5euYzuFywQOfQvko84YFfzxt6Y+ofIH
SbAHZ1tdtw059IQk6Q6nlK3rE9jk+vO7wQ8MW39OXCgjEMlXn7kWQ3gctXz0Qesj
li2+OFzXVhLBk3JDiqBQJ08FYoyuH25e58MumDLxZnoQi4jS5YqJcSQjSfnRLn2n
eU9LswAcnFiAlRAE34PP
=pjAl
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ