lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-id: <201602031127.6.n9knci@psirt.cisco.com>
Date: Wed,  3 Feb 2016 11:27:06 -0500
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: bugtraq@...urityfocus.com
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Cisco Nexus 9000 Series ACI Mode Switch ICMP Record Route Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Nexus 9000 Series ACI Mode Switch ICMP Record Route Vulnerability

Advisory ID: cisco-sa-20160203-n9knci

Revision 1.0

For Public Release 2016 February 3 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the ICMP implementation in the Cisco Nexus 9000
Series Application Centric Infrastructure (ACI) Mode Switch could 
allow an unauthenticated, remote attacker to cause the switch to 
reload, resulting in a denial of service (DoS) condition.

The vulnerability is due to improper handling of an ICMP packet with 
the IPv4 Type 7 option for record route. An attacker could exploit 
this vulnerability by sending an ICMP packet with the record route 
option to an interface on the affected switch. An exploit could allow 
the attacker to cause a DoS condition because the switch will reload 
each time the ICMP packet is received.

Cisco has released software updates that address this vulnerability. 
A workaround that addresses this vulnerability is available.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-n9knci


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)

iQIVAwUBVqlFZa89gD3EAJB5AQIUJg//ft1XTFmFXhnNBfE5YpLhMSzgvtumqyuT
Q6gO8y2E6ss4c013PNVDah7p+iSg6niYI47KOexd2Q05gEKOtQ0ohWk3zxH3I1nv
pwL5YhhKpPOpckOt8ZbkUQuBbsxMyst0zb1Nw7MtOLUxqhZvID8nTQUkGJtIw5pz
Z1/11YlmpMswF4+xUkdL7HuF4vsHFR5nLuepcAdJdsa8PKL4dQ+d3CIQzEOVU/K8
cUIN4JPRv6enlGzVfAgkSMLUmgd/lBXMI+IKVbrznAr1Abn0f3EkgPXyHTsQEuRA
vQLRcNRGiIBDLbHGKlmHb0nN7XY+hIkHkKSLOwNgY4u7o3CxFxerqE/QEMh0+B1s
HxVFVJVG2bJJNo9Y/MeaCHU5HoqKcm+sF7lcxOgR35chYapfZBn0G8j/6is32pQ6
U3+nIq7X5NVQDLeDPqohHNu/1mzstzkuQt4YlMB1wyjP8FY/mcCzFX17hxJEQRzb
KeEGZ4/Yk2s11a6ZgTtA3JWtwe1WMyvgAE510SrPnygtfWXHc0SQQeZIt/8rHvGD
Gy46LCD/xjVaCq3+DA/fFbUjRkgOO5YSQ+ZL1eGuAYk0vRmOxAFMcErnuLsxLPTx
9SnepLQ4g++7QuAjaZk2hrfcwYI1rxjULWq4I+WkdjwBOyl68Pkg6MljMvJwxkWA
C+39AsHJFGs=
=8cf3
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ